savepluscu.com Open in urlscan Pro
185.133.42.146 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://savepluscu.com/
Submission: On May 21 via api (May 21st 2024, 2:22:38 am UTC) from BE — Scanned from DE

Summary HTTP 61 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 61 HTTP transactions. The main IP is 185.133.42.146, located in Russian Federation and belongs to ADMAN-AS, RU. The main domain is savepluscu.com.
TLS certificate: Issued by R3 on May 17th 2024. Valid for: 3 months.

This is the only time savepluscu.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Banking (Banking)

Domain & IP information

	IP Address		AS Autonomous System
60	185.133.42.146 185.133.42.146		57494 (ADMAN-AS) (ADMAN-AS)
1	172.67.72.223 172.67.72.223		13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	2

60 185.133.42.146 (Russian Federation)

ASN57494 (ADMAN-AS, RU)

savepluscu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.72.223 (United States)

ASN13335 (CLOUDFLARENET, US)

code.tidio.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
60	savepluscu.com savepluscu.com	2 MB
1	tidio.co code.tidio.co — Cisco Umbrella Rank: 17224
61	2

	Domain	Requested by
60	savepluscu.com	savepluscu.com
1	code.tidio.co	savepluscu.com
61	2

This site contains no links.

Subject Issuer	Validity	Valid
savepluscu.com R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
tidio.co GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://savepluscu.com/
Frame ID: 0701D6C708B268B7451C93B8BB4B5B46
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bank Smarter, SavePlus Credit Union

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

61
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

2373 kB
Transfer

2362 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response savepluscu.com/	24 KB 24 KB	582ms 226ms	Document text/html	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `4f934720787c568213d264bcb85fd2d463d4438cca7340a43b24f99d09b7f7fa` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers content-type text/html; charset=UTF-8 date Tue, 21 May 2024 02:22:30 GMT server nginx/1.20.2
GET H2	403	ujlkvqnmptb5ysnlazp7qkxo9tj4vrga.js code.tidio.co/	0 0	240ms 147ms	Script text/html	172.67.72.223 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code.tidio.co/ujlkvqnmptb5ysnlazp7qkxo9tj4vrga.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.223 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4jR6Uaq22XtCjgqbBhBGlsrxG9NuSNzG0sbC4InTca8GLVBPQSnDKM%2BgNxPYssrRN5H9W6XNZQSbtvKXj6bNJM3M45FAXQSgz7CvEddec%2BERMVPvjgC4tGyu8miaRY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 8871196d797d1daa-FRA
GET H2	200	bootstrap.min.css savepluscu.com/front/css/	160 KB 160 KB	115ms 112ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/bootstrap.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `cb8e6f9631be048c0e0cac4d93fca3931f0aa2c4d6e5c83a2c22b667ed0f093b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-28016" content-length 163862 content-type text/css
GET H2	200	animate.min.css savepluscu.com/front/css/	70 KB 70 KB	230ms 227ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/animate.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `a61e123314188bd0453320008e01b4bbb665bee09039f4cbd9bef44de410ce67` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-1184c" content-length 71756 content-type text/css
GET H2	200	fontawesome.min.css savepluscu.com/front/css/	87 KB 87 KB	231ms 228ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/fontawesome.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `51378e1e8afaf0d01dacb6da2997f918193e39ca0dfbf27b3d2bee66274403c9` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-15c4e" content-length 89166 content-type text/css
GET H2	200	flaticon.css savepluscu.com/front/css/	2 KB 2 KB	231ms 228ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/flaticon.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `3cc4e820e703b35b69b3c4b71c9fb4a1150a27baa5bdfec64776f5dea4201365` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-604" content-length 1540 content-type text/css
GET H2	200	magnific-popup.min.css savepluscu.com/front/css/	5 KB 5 KB	231ms 229ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/magnific-popup.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-148b" content-length 5259 content-type text/css
GET H2	200	nice-select.css savepluscu.com/front/css/	3 KB 3 KB	231ms 229ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/nice-select.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `d8ba2f0d8e2516ee382a764e506ab91b4b1b02c8078bac475b10aa2d83494529` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-c71" content-length 3185 content-type text/css
GET H2	200	slick.min.css savepluscu.com/front/css/	2 KB 2 KB	231ms 229ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/slick.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `6c3b07b65a2bae0d0b8430524dbcffac75c20125514b04dbe5ebb48faca4df64` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-716" content-length 1814 content-type text/css
GET H2	200	owl.carousel.min.css savepluscu.com/front/css/	3 KB 3 KB	232ms 230ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/owl.carousel.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `4c04da57afb7c99fe3485be1e8a53273116dfd3043a504f94222a89aea345136` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-d1e" content-length 3358 content-type text/css
GET H2	200	owl.theme.default.min.css savepluscu.com/front/css/	1019 B 1 KB	232ms 230ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/owl.theme.default.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `33dbcf6a027199fab7bca71ce31c80154051a658f69ef98e7ddad581fefae1aa` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-3fb" content-length 1019 content-type text/css
GET H2	200	meanmenu.css savepluscu.com/front/css/	3 KB 3 KB	232ms 230ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/meanmenu.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `3886b107ba24c98a804e32fc22b2751b84e0b40acdf33a32142902ce076fc045` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-c4f" content-length 3151 content-type text/css
GET H2	200	odometer.min.css savepluscu.com/front/css/	3 KB 3 KB	232ms 230ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/odometer.min.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `53c8d41573daafb7177733ea705128818a28503ddc9bfc261a9988199b6069c6` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-cca" content-length 3274 content-type text/css
GET H2	200	style.css savepluscu.com/front/css/	183 KB 184 KB	232ms 231ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/style.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `eda1ed389a7f6e9b50202fd47ce79ca3a5ee8e7f19aeb4c669755d7662caf3b7` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-2dd74" content-length 187764 content-type text/css
GET H2	200	responsive.css savepluscu.com/front/css/	52 KB 52 KB	232ms 231ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/responsive.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `830fcdee7f211aec4ded7677fcdc08af6c2a1d9f2910d4ca56c75e8092e61c66` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-cf2b" content-length 53035 content-type text/css
GET H2	200	dark-style.css savepluscu.com/front/css/	49 KB 49 KB	232ms 231ms	Stylesheet text/css	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/css/dark-style.css Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `4d4542a6f8db9c15f9e0f3d5db3911123cd172053622823c0f7a9e1cc36d8d91` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-c45f" content-length 50271 content-type text/css
GET H2	200	city.png savepluscu.com/	22 KB 22 KB	232ms 231ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/city.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `6a5682190576c37523ddae8f37ed12adeba41c93d4c1dcbf642f1e661d66643d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Thu, 16 May 2024 11:51:32 GMT server nginx/1.20.2 accept-ranges bytes etag "6645f344-5773" content-length 22387 content-type image/png
GET H2	200	3.png savepluscu.com/front/img/	29 KB 29 KB	232ms 231ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/3.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `43782fea7dc864d5c2b3b5a46356236ce8b6e2754e8bfcd9ed071c2bc9733070` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-72f2" content-length 29426 content-type image/png
GET H2	200	circle.png savepluscu.com/front/img/	20 KB 20 KB	225ms 222ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/circle.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `0b76fd0f9811d84c01404d74bb7097e9b908a06af22c37cc6e2973af4170760e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-4e42" content-length 20034 content-type image/png
GET H2	200	1.png savepluscu.com/front/img/invoicing-image/	24 KB 25 KB	225ms 222ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/invoicing-image/1.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `a2592be1c2009912e7b17b4d1a5022ded8c2237ec22d9fc381d307098808af9e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-61d3" content-length 25043 content-type image/png
GET H2	200	2.png savepluscu.com/front/img/invoicing-image/	8 KB 8 KB	226ms 225ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/invoicing-image/2.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `6951f5ddaff6906a34ea3d6ef126e2a4af0d668b2c4904f26146248349da0cb2` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-20ce" content-length 8398 content-type image/png
GET H2	200	3.png savepluscu.com/front/img/invoicing-image/	8 KB 8 KB	226ms 225ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/invoicing-image/3.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `b95df0cd387779894568be922e2ca845497f455e397bcc8c0c6bfc0d235d137b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-1ee7" content-length 7911 content-type image/png
GET H2	200	4.png savepluscu.com/front/img/invoicing-image/	10 KB 10 KB	227ms 225ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/invoicing-image/4.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `60f9c169c73ace0533f2d8129220d72e650956ce2486fbaa37e81f2a5e10257b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-27f6" content-length 10230 content-type image/png
GET H2	200	main-pic.png savepluscu.com/front/img/invoicing-image/	42 KB 43 KB	227ms 225ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/invoicing-image/main-pic.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `4d70e9862aff6ac84d0732146c9afc39bc4f9f6f4226fe11541e326f1ca51852` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-a979" content-length 43385 content-type image/png
GET H2	200	circle1.png savepluscu.com/front/img/invoicing-image/	2 KB 2 KB	227ms 226ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/invoicing-image/circle1.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `c4be331bc355e304e8227874a23bce8eb923d34031d32649a364863fa49ac5f5` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-74c" content-length 1868 content-type image/png
GET H2	200	circle2.png savepluscu.com/front/img/invoicing-image/	2 KB 2 KB	227ms 226ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/invoicing-image/circle2.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `652d894377d69fbf54715637a7dea271c3de099be2c422acd614493bd9656bde` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-7f8" content-length 2040 content-type image/png
GET H2	200	features-2.png savepluscu.com/	350 KB 350 KB	227ms 226ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/features-2.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `ec4fc4bc4b5376400bfdcbdad1c902e400174463b10d120a98381a700c3f5dc4` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-576a2" content-length 358050 content-type image/png
GET H2	200	shape-1.png savepluscu.com/	367 B 492 B	227ms 226ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/shape-1.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `53979153c0658c98d5ed973b26caea75444325418076fed0e1c5ed2aeb969674` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-16f" content-length 367 content-type image/png
GET H2	200	app.png savepluscu.com/	113 KB 113 KB	227ms 226ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/app.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `2fe7980310cfb7e6fab2e15fdbbfff0917e7ed65c4200df1328be573ec2c4edc` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-1c399" content-length 115609 content-type image/png
GET H2	200	logo.png savepluscu.com/	22 KB 22 KB	227ms 226ms	Image image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/logo.png Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `6a5682190576c37523ddae8f37ed12adeba41c93d4c1dcbf642f1e661d66643d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Thu, 16 May 2024 11:51:32 GMT server nginx/1.20.2 accept-ranges bytes etag "6645f344-5773" content-length 22387 content-type image/png
GET H2	200	jquery.min.js Show response savepluscu.com/front/js/	87 KB 88 KB	225ms 222ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/jquery.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-15d9d" content-length 89501 content-type application/javascript; charset=UTF-8
GET H2	200	bootstrap.bundle.min.js Show response savepluscu.com/front/js/	76 KB 76 KB	225ms 222ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/bootstrap.bundle.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `120666e01d671db172cecd87aaaed5cb0feb2da24d971c291fe1b8e0f64b18ac` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-13105" content-length 78085 content-type application/javascript; charset=UTF-8
GET H2	200	meanmenu.js Show response savepluscu.com/front/js/	6 KB 6 KB	225ms 223ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/meanmenu.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `0927e12f94a642d9bbf07b4204102848162eeecadc02d002ace6fe334315b832` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-1793" content-length 6035 content-type application/javascript; charset=UTF-8
GET H2	200	nice-select.min.js Show response savepluscu.com/front/js/	3 KB 3 KB	225ms 223ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/nice-select.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `cd204d095086d67e207e13bae8ceb3de8759eb9eedcd4080809c929dc7af1065` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-b79" content-length 2937 content-type application/javascript; charset=UTF-8
GET H2	200	slick.min.js Show response savepluscu.com/front/js/	49 KB 50 KB	225ms 223ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/slick.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `db5a2153f69965283f3d434959ffbee8dc61514e524fb871c6faac56a1b6f742` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-c5f2" content-length 50674 content-type application/javascript; charset=UTF-8
GET H2	200	magnific-popup.min.js Show response savepluscu.com/front/js/	20 KB 20 KB	225ms 223ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/magnific-popup.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-4efb" content-length 20219 content-type application/javascript; charset=UTF-8
GET H2	200	appear.min.js Show response savepluscu.com/front/js/	2 KB 2 KB	226ms 223ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/appear.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `d90753594cd00dd75800fdef9abce6b0858c48b271801be7da85f4391343633c` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-735" content-length 1845 content-type application/javascript; charset=UTF-8
GET H2	200	odometer.min.js Show response savepluscu.com/front/js/	10 KB 10 KB	226ms 223ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/odometer.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `b98842a571aa1f32f8797a9d08186bb021f258925a8db4fe57d60129b858b1ec` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-2818" content-length 10264 content-type application/javascript; charset=UTF-8
GET H2	200	owl.carousel.min.js Show response savepluscu.com/front/js/	43 KB 43 KB	226ms 224ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/owl.carousel.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `668bfb67cff6b815ff9f9b82e070d4ad8721414bca6f3de21f10fb9f3e5dfa32` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-ad3e" content-length 44350 content-type application/javascript; charset=UTF-8
GET H2	200	parallax.min.js Show response savepluscu.com/front/js/	13 KB 13 KB	226ms 224ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/parallax.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `3d2e36686a71284b1f97ac0b6a388d26e5f6b707899038f66a40905d8845953a` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-33e2" content-length 13282 content-type application/javascript; charset=UTF-8
GET H2	200	wow.min.js Show response savepluscu.com/front/js/	8 KB 8 KB	226ms 224ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/wow.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-1ff7" content-length 8183 content-type application/javascript; charset=UTF-8
GET H2	200	form-validator.min.js Show response savepluscu.com/front/js/	6 KB 6 KB	226ms 224ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/form-validator.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `60c23945490cba413f3d6cf2cc57d5c560faeb0cf68ab38daedc80939966b108` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-17af" content-length 6063 content-type application/javascript; charset=UTF-8
GET H2	200	contact-form-script.js Show response savepluscu.com/front/js/	2 KB 2 KB	226ms 224ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/contact-form-script.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `265185645e00fc68bc2f02248239c291f34a04afe7a9d971d86ccae0ee1aec08` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-866" content-length 2150 content-type application/javascript; charset=UTF-8
GET H2	200	jquery.ajaxchimp.min.js Show response savepluscu.com/front/js/	2 KB 2 KB	226ms 224ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/jquery.ajaxchimp.min.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `2dcc9f6916671ee0ee4c5f7c7b6f13c519189b65d371a39309c0d95b79050c28` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-94d" content-length 2381 content-type application/javascript; charset=UTF-8
GET H2	200	main2.js Show response savepluscu.com/front/js/	8 KB 9 KB	226ms 225ms	Script application/javascript	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/js/main2.js Requested by Host: savepluscu.com URL: https://savepluscu.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `844771753f491b23784e379f3c94dcc5e816d70bf451bfa7a386a09fbfb2b905` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-21dd" content-length 8669 content-type application/javascript; charset=UTF-8
GET H2	200	css savepluscu.com/	2 KB 2 KB	339ms 338ms	Stylesheet text/plain	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/css Requested by Host: savepluscu.com URL: https://savepluscu.com/front/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `8ff469880897cf3aecfc3396dbc76349a17682b60b33abeec3ce3f5f5db43c50` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/front/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "75b-610c2fd526800" content-length 1883
GET H2	200	css-1 savepluscu.com/	3 KB 3 KB	339ms 339ms	Stylesheet text/plain	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/css-1 Requested by Host: savepluscu.com URL: https://savepluscu.com/front/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `412bffa0f730032dcecebf4d9ab92b2c689cac259bdf0b2fbc118b8e121a8449` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/front/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:31 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "c48-610c2fd526800" content-length 3144
GET H2	200	main-banner1.jpg savepluscu.com/front/img/	101 KB 101 KB	112ms 112ms	Image image/jpeg	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://savepluscu.com/front/img/main-banner1.jpg Requested by Host: savepluscu.com URL: https://savepluscu.com/front/css/style.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `0ec61773ac4fb2162fb45bc9a3be2cb8f880c6f1b4a317a631767f2deffff542` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/front/css/style.css Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "65c304a0-19248" content-length 102984 content-type image/jpeg
GET H2	200	1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrQ.ttf savepluscu.com/s/raleway/v29/	48 KB 49 KB	118ms 117ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrQ.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css-1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `d1601441b33377861ff6b6af3f8f7547a5348802688e33b433f7e6cadf23c077` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css-1 Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "c1fc-610c2fd526800" content-length 49660 content-type application/font-sfnt
GET H2	200	Flaticon.woff2 savepluscu.com/front/fonts/	4 KB 4 KB	116ms 115ms	Font application/octet-stream	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/fonts/Flaticon.woff2 Requested by Host: savepluscu.com URL: https://savepluscu.com/front/css/flaticon.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `8a0cdff6e76a8bbdeb9b412165ded677648e805fa58a39d5feedd20743f4c5fa` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/front/css/flaticon.css Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "fac-610c2fd526800" content-length 4012
GET H2	200	1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrQ.ttf savepluscu.com/s/raleway/v29/	48 KB 49 KB	121ms 120ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVs9pbCIPrQ.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css-1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `013557956c04088a0dfaf0939caf20561f885fc614327a5ee699f34929c1b0ea` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css-1 Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "c1d8-610c2fd526800" content-length 49624 content-type application/font-sfnt
GET H2	200	1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrQ.ttf savepluscu.com/s/raleway/v29/	49 KB 49 KB	117ms 116ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVuEorCIPrQ.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css-1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `bc029200f6f0c67fa6a85651ecf7adc40a9102740272b6e2747c392cfd93ba40` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css-1 Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "c200-610c2fd526800" content-length 49664 content-type application/font-sfnt
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc9.ttf savepluscu.com/s/roboto/v30/	35 KB 35 KB	119ms 118ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "8cd4-610c2fd526800" content-length 36052 content-type application/font-sfnt
GET H2	200	1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrQ.ttf savepluscu.com/s/raleway/v29/	49 KB 49 KB	120ms 120ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/raleway/v29/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrQ.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css-1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `1827bffe977aac9dfd0e86b9d087aa2b13473458bcda87310f1935d466e7bb3b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css-1 Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "c22c-610c2fd526800" content-length 49708 content-type application/font-sfnt
GET H2	200	KFOmCnqEu92Fr1Mu4mxP.ttf savepluscu.com/s/roboto/v30/	35 KB 36 KB	122ms 121ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "8d78-610c2fd526800" content-length 36216 content-type application/font-sfnt
GET H2	200	KFOlCnqEu92Fr1MmSU5fBBc9.ttf savepluscu.com/s/roboto/v30/	35 KB 36 KB	115ms 114ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc9.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `4501b0c41bd6ffd12d34114eed5113b9e136f5f1715d7b4348dd1ccb570470f9` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "8d78-610c2fd526800" content-length 36216 content-type application/font-sfnt
GET H2	200	fa-brands-400.woff2 savepluscu.com/front/fonts/	102 KB 102 KB	119ms 119ms	Font application/octet-stream	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/fonts/fa-brands-400.woff2 Requested by Host: savepluscu.com URL: https://savepluscu.com/front/css/fontawesome.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `29bc44694c394921d1f00271128a2e4cd8293516216e24eac07a73fa821fc1f5` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/front/css/fontawesome.min.css Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "19860-610c2fd526800" content-length 104544
GET H2	200	KFOkCnqEu92Fr1Mu51xIIzc.ttf savepluscu.com/s/roboto/v30/	37 KB 37 KB	202ms 202ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzc.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `9324593516e6cf25fa6bd406379d447a04a09269d5276cd1985e8dd933241aee` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "9278-610c2fd526800" content-length 37496 content-type application/font-sfnt
GET H2	200	1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJQ.ttf savepluscu.com/s/raleway/v29/	48 KB 48 KB	203ms 203ms	Font application/font-sfnt	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/s/raleway/v29/1Pt_g8zYS_SKggPNyCgSQamb1W0lwk4S4Y_LDrMfJQ.ttf Requested by Host: savepluscu.com URL: https://savepluscu.com/css-1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `83a5e39ad1188c31fc5b70d8274879741ad7c8e76405d359d8b314116b866517` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/css-1 Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "bf4c-610c2fd526800" content-length 48972 content-type application/font-sfnt
GET H2	200	fa-solid-900.woff2 savepluscu.com/front/fonts/	124 KB 124 KB	198ms 198ms	Font application/octet-stream	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/fonts/fa-solid-900.woff2 Requested by Host: savepluscu.com URL: https://savepluscu.com/front/css/fontawesome.min.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/front/css/fontawesome.min.css Origin https://savepluscu.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Wed, 07 Feb 2024 04:18:40 GMT server nginx/1.20.2 accept-ranges bytes etag "1ef6c-610c2fd526800" content-length 126828
GET H2	200	favicon.png savepluscu.com/front/img/	7 KB 7 KB	113ms 113ms	Other image/png	185.133.42.146 ADMAN-AS
General Check archive.org Show headers Download Go to Full URL https://savepluscu.com/front/img/favicon.png Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.133.42.146 , Russian Federation, ASN57494 (ADMAN-AS, RU), Reverse DNS Software nginx/1.20.2 / Resource Hash `1cc3f67c2980ea40e28d41e68760efef141dc6e99c04d8daa44f03d1cd9f41d8` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://savepluscu.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 21 May 2024 02:22:32 GMT last-modified Thu, 16 May 2024 11:52:04 GMT server nginx/1.20.2 accept-ranges bytes etag "6645f364-1b7f" content-length 7039 content-type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Banking (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| uidEvent object| bootstrap function| Odometer function| jarallax function| WOW function| setTheme function| toggleTheme

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://code.tidio.co/ujlkvqnmptb5ysnlazp7qkxo9tj4vrga.js Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.tidio.co
savepluscu.com
172.67.72.223
185.133.42.146
013557956c04088a0dfaf0939caf20561f885fc614327a5ee699f34929c1b0ea
0927e12f94a642d9bbf07b4204102848162eeecadc02d002ace6fe334315b832
0b76fd0f9811d84c01404d74bb7097e9b908a06af22c37cc6e2973af4170760e
0ec61773ac4fb2162fb45bc9a3be2cb8f880c6f1b4a317a631767f2deffff542
120666e01d671db172cecd87aaaed5cb0feb2da24d971c291fe1b8e0f64b18ac
1827bffe977aac9dfd0e86b9d087aa2b13473458bcda87310f1935d466e7bb3b
1b099f88c06ed0869872561c157f0ec9cbe133a0939d9ece4ee1e1f54bd4683d
1cc3f67c2980ea40e28d41e68760efef141dc6e99c04d8daa44f03d1cd9f41d8
265185645e00fc68bc2f02248239c291f34a04afe7a9d971d86ccae0ee1aec08
29bc44694c394921d1f00271128a2e4cd8293516216e24eac07a73fa821fc1f5
2dcc9f6916671ee0ee4c5f7c7b6f13c519189b65d371a39309c0d95b79050c28
2fe7980310cfb7e6fab2e15fdbbfff0917e7ed65c4200df1328be573ec2c4edc
3162b6468674133d7b6c903e4b8a06f7faf51216d1e7f8b3edc8f326b1bfe461
33dbcf6a027199fab7bca71ce31c80154051a658f69ef98e7ddad581fefae1aa
3886b107ba24c98a804e32fc22b2751b84e0b40acdf33a32142902ce076fc045
3cc4e820e703b35b69b3c4b71c9fb4a1150a27baa5bdfec64776f5dea4201365
3d2e36686a71284b1f97ac0b6a388d26e5f6b707899038f66a40905d8845953a
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
412bffa0f730032dcecebf4d9ab92b2c689cac259bdf0b2fbc118b8e121a8449
43782fea7dc864d5c2b3b5a46356236ce8b6e2754e8bfcd9ed071c2bc9733070
4501b0c41bd6ffd12d34114eed5113b9e136f5f1715d7b4348dd1ccb570470f9
4c04da57afb7c99fe3485be1e8a53273116dfd3043a504f94222a89aea345136
4d4542a6f8db9c15f9e0f3d5db3911123cd172053622823c0f7a9e1cc36d8d91
4d70e9862aff6ac84d0732146c9afc39bc4f9f6f4226fe11541e326f1ca51852
4f934720787c568213d264bcb85fd2d463d4438cca7340a43b24f99d09b7f7fa
51378e1e8afaf0d01dacb6da2997f918193e39ca0dfbf27b3d2bee66274403c9
53979153c0658c98d5ed973b26caea75444325418076fed0e1c5ed2aeb969674
53c8d41573daafb7177733ea705128818a28503ddc9bfc261a9988199b6069c6
60c23945490cba413f3d6cf2cc57d5c560faeb0cf68ab38daedc80939966b108
60f9c169c73ace0533f2d8129220d72e650956ce2486fbaa37e81f2a5e10257b
652d894377d69fbf54715637a7dea271c3de099be2c422acd614493bd9656bde
668bfb67cff6b815ff9f9b82e070d4ad8721414bca6f3de21f10fb9f3e5dfa32
6951f5ddaff6906a34ea3d6ef126e2a4af0d668b2c4904f26146248349da0cb2
6a5682190576c37523ddae8f37ed12adeba41c93d4c1dcbf642f1e661d66643d
6c3b07b65a2bae0d0b8430524dbcffac75c20125514b04dbe5ebb48faca4df64
830fcdee7f211aec4ded7677fcdc08af6c2a1d9f2910d4ca56c75e8092e61c66
83a5e39ad1188c31fc5b70d8274879741ad7c8e76405d359d8b314116b866517
844771753f491b23784e379f3c94dcc5e816d70bf451bfa7a386a09fbfb2b905
8a0cdff6e76a8bbdeb9b412165ded677648e805fa58a39d5feedd20743f4c5fa
8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca
8ff469880897cf3aecfc3396dbc76349a17682b60b33abeec3ce3f5f5db43c50
9324593516e6cf25fa6bd406379d447a04a09269d5276cd1985e8dd933241aee
a2592be1c2009912e7b17b4d1a5022ded8c2237ec22d9fc381d307098808af9e
a61e123314188bd0453320008e01b4bbb665bee09039f4cbd9bef44de410ce67
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b95df0cd387779894568be922e2ca845497f455e397bcc8c0c6bfc0d235d137b
b98842a571aa1f32f8797a9d08186bb021f258925a8db4fe57d60129b858b1ec
bc029200f6f0c67fa6a85651ecf7adc40a9102740272b6e2747c392cfd93ba40
c4be331bc355e304e8227874a23bce8eb923d34031d32649a364863fa49ac5f5
cb8e6f9631be048c0e0cac4d93fca3931f0aa2c4d6e5c83a2c22b667ed0f093b
cd204d095086d67e207e13bae8ceb3de8759eb9eedcd4080809c929dc7af1065
d1601441b33377861ff6b6af3f8f7547a5348802688e33b433f7e6cadf23c077
d8ba2f0d8e2516ee382a764e506ab91b4b1b02c8078bac475b10aa2d83494529
d90753594cd00dd75800fdef9abce6b0858c48b271801be7da85f4391343633c
db5a2153f69965283f3d434959ffbee8dc61514e524fb871c6faac56a1b6f742
ec4fc4bc4b5376400bfdcbdad1c902e400174463b10d120a98381a700c3f5dc4
eda1ed389a7f6e9b50202fd47ce79ca3a5ee8e7f19aeb4c669755d7662caf3b7
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127