rpzztznncm.pics Open in urlscan Pro
2606:4700:3033::6815:5ab1 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rpzztznncm.pics/
Effective URL:
https://rpzztznncm.pics/
Submission: On May 01 via api (May 1st 2024, 9:05:32 pm UTC) from US — Scanned from DE

Summary HTTP 25 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 25 HTTP transactions. The main IP is 2606:4700:3033::6815:5ab1, located in United States and belongs to CLOUDFLARENET, US. The main domain is rpzztznncm.pics.
TLS certificate: Issued by GTS CA 1P5 on April 30th 2024. Valid for: 3 months.

This is the only time rpzztznncm.pics was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Interac (Banking) Scotiabank (Banking) DesJardins (Financial)

Domain & IP information

	IP Address	AS Autonomous System
24	2606:4700:303... 2606:4700:3033::6815:5ab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
25	2

24 2606:4700:3033::6815:5ab1 (United States)

ASN13335 (CLOUDFLARENET, US)

rpzztznncm.pics	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	rpzztznncm.pics rpzztznncm.pics	62 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 363	30 KB
25	2

	Domain	Requested by
24	rpzztznncm.pics	rpzztznncm.pics
1	ajax.googleapis.com	rpzztznncm.pics
25	2

This site contains no links.

Subject Issuer	Validity	Valid
rpzztznncm.pics GTS CA 1P5	`2024-04-30` - `2024-07-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rpzztznncm.pics/
Frame ID: B24C296799F9AE5951A0ABDC92DD1476
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Deposit your INTERAC e-Transfer

Page URL History Show full URLs

http://rpzztznncm.pics/ HTTP 307
https://rpzztznncm.pics/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

92 kB
Transfer

255 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rpzztznncm.pics/ HTTP 307
https://rpzztznncm.pics/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
rpzztznncm.pics/
Redirect Chain

http://rpzztznncm.pics/
https://rpzztznncm.pics/

23 KB
6 KB

367ms
260ms

Document
text/html

2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aa5469631ad9b869f2cb6d18c6a9e0270a28b51764ba91077ae1582a550df86

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 87d2bad87d245d6f-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 May 2024 21:05:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rLkeOtOmo2vhTvi37ph2VwDlS7RQUn5kRhe%2FjFcXRk6HgnqpGrrHj%2F%2FXCOXxLLF26U2wJdwStubwoAmtcOx0N%2FWGH85p%2FvPMjnHUaHGtgIBSwV%2FtP1050MueTvdkCf9bupDG1uFWncFjslUdDa8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

Location: https://rpzztznncm.pics/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 output.css
rpzztznncm.pics/dist/ 26 KB
6 KB 31ms
30ms Stylesheet
text/css 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpzztznncm.pics/dist/output.css
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbab7376beeb0b3d3f058c9ed6aea3dca17100a2e2b79c0290ed60c44e309ab0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-6771"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1PzDFwG4VXwckUaRQAAindXibydDnlkPXsi3pgmf5Pv5Ejep%2FrIoFrZSVdPYl2EabdO%2Bk1mgW%2F%2BlZi7hBgjBzqfCMl7Fnhn%2BCTz2P2LRsSUZx9l9gVVuDOBzr1TdEiU%2BoQ9Rt7Gm8kjCZTqvayY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 87d2bada4f7a5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 style.css
rpzztznncm.pics/css/ 2 KB
1 KB 29ms
28ms Stylesheet
text/css 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpzztznncm.pics/css/style.css
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57fcc59774125fb8e55a3bf640ec8d460b230d561257f3854a74a86d1b50530a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-7cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzxdy9fVyDAVTFM8o6F1XeKuR6U6kYhp%2BRr4mxzQfS2peXD9QnVrbXKJlD2oojjnzWflfWysRLz5P9M%2FP8pdW1USwvTgteQgFD3aIfx4yWk7QAFYauvlIp1ErhEYnjREA2jew4odh%2BAszIYrmTc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 87d2bada4f7c5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.7.1/ 85 KB
30 KB 72ms
16ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.7.1/jquery.min.js

Requested by

Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 20:15:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30462
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 02:38:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 May 2025 20:15:06 GMT

GET
H3 200 etransfer_logo.svg
rpzztznncm.pics/img/ 3 KB
2 KB 31ms
30ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/etransfer_logo.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc0d2da3df362a41c529546ec109192feee1c804ba930c85b0977f1224a7eea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-d9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcULr8H3pxUMrD8d12OcF6bsAhhAlqjjBC48x6C%2BVHfQZ7uwKUnM%2B3preJnr6nssYsm8K33ed0kg6HXp8VHQDej0AlHBFeWr%2B9%2FKQUk0tVfSdFquoyOStEXzbF5xDNFBLMQ6j8WmxZGgwvVJre4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2bada4f7e5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 question-mark.svg
rpzztznncm.pics/img/ 1 KB
1 KB 43ms
42ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/question-mark.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 615c1250335dcbfddff71eb876481abfdcbb93014d1b7892fff34b5a11d1f3c1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-4c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cP6KT8DZpwNcIYMim0TW4o%2BNeM7ddcRBOqzH5YD%2B1AKZjpPDcnvbGagqGzJRDFOMzsvkn2iSe5tFo5W8owZHb%2FhO%2BKHDEne1KZsKapcYKpet2r6dMCXefEwHUQE%2FElrBFTASU%2Bt3n0jk4tDe46s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2bada4f805d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 index.js Show response
rpzztznncm.pics/script/ 27 KB
4 KB 25ms
25ms Script
application/javascript 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpzztznncm.pics/script/index.js
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02a58262cc3b62a474f67f8d7696bd6754e9cfaef0917b2472f12fe58c1ddef6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-6a46"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3StBdWBJjeYDDJpMXFDkyuaQCB8DaQA9NpnVXvIw7aHoVCHlaUH3V6Mn4WAvwld8vLeqf%2BqE1kYqEYvxRKXujo6DngaHJ79Z%2B3yxnDcn0q7ABXRzvaKwb8jYAy4LrQcM7TfbdDCb9NXSsbt85Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 87d2bada9fce5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 atb.svg
rpzztznncm.pics/img/ 3 KB
2 KB 26ms
26ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/atb.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f8924501acf0b74cd643c2b31884c5a672fd14fc5a8655a96eb12ee61a53e6

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-cb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GNkQcG4Xt0ydt6SQu2diJufSEOHwTmSW0T%2FV8Tynq2pMCeiWM1ej5hSEOu%2FQSKcHKLywJW4bjDjt6ywcFNfSVABPLAmgxkLh%2Fu%2F%2B97rkFkz0fbf7nq%2FZFyeamkvfmiplgJlOnI9Jb3QMMcqPjEE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badaafd75d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 bmo.svg
rpzztznncm.pics/img/ 5 KB
2 KB 34ms
33ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/bmo.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e809b0eb980a76fdbb2e3fd35fbdbd53f3066757d709535488bb2b535e7c1287

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-13e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jQse1bVGKb5SruS56N8A1c3ZEwZSzBiG4%2BHW8kR1M2lf4zeX4prR9XYfrFAjA1cXlU7tb1IcMwctwJfhIIncWVvctMiwTk9pYbygngXXNUmIj3ejoHYCK2GwzrrcXf3OIsEK74dosE74ceJ8J0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badac8145d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 cibc.svg
rpzztznncm.pics/img/ 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/cibc.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a61c1d3e6748d60d00bd9a6c8b97e43a3c6c353d7bce861d1a83a6e730bdc85d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-805"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9YIILLfQuOBUZ8KbuAZoRZyfWm62D%2Fx5s8vHGh0jRjK2fYi37RCuEdfcmfE40%2FmfDyiBqYmlE4gG%2FQ17iWUXVe5NHbdTkmGzfD8aqqq482h4f7pWQckUgjmdtHkb9BMNEHd6rBjon5IL4cKBd2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badac8165d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 des.svg
rpzztznncm.pics/img/ 3 KB
2 KB 28ms
27ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/des.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f35aa0c2e2585bee1a80fd70e62cd0280f24c1d16f79a2e0fb5913d5885b75

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-b22"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqaxvBFSiVnOieS9Kk0SU66bd6xZeujoVA%2BKxD59DzLL4IfnPjSQN%2BXS5s%2FsBGzNFFLtjqlUD%2FqGOsGm9cF%2BINuLbFkxnsfgt9ec4aM6FmxYeL6XBrbO2HGJCbF4G23cpvBFB7NsELbspR9Tkws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8255d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 hsbc.svg
rpzztznncm.pics/img/ 3 KB
2 KB 29ms
27ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/hsbc.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd831beffe1b0b1111a53c87e007a3bb6e8d60af1fed24a8d961bb430de3416e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-df1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Y7JlxYcWOqht9SfMVPwcIdpTrRGyCnXFdg5FxCmbT9FwThkribJqAKkaWtRIxdTPoxe5Daaq%2FEq2dtqt74PeQVESEYX%2Bu3SHY3DDMuc0JvLKs74vmdoVZPSbuiz7CQ%2B06c6ZmMCvk2s%2By9cdww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8295d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 lau.svg
rpzztznncm.pics/img/ 5 KB
2 KB 37ms
35ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/lau.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36905fec112199bbe86e19ad00b37bf49474d9f1411148353c33252c9480a4b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-1392"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1aiZoX4BXD%2F9k%2B0SKTwc1awWmTPUu6KMjwI8qhLibmQ91KD%2BhbZ5DsrQbaiTVYHL3NS0%2Bq96wBiI9%2BC1xeqIcBzV9CHJz3P56bhaCg15e4Ux%2F1l6uXNeBucnZnjgf3cDa3rzVaM0vd1GOBwLSzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad82c5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 manu.svg
rpzztznncm.pics/img/ 8 KB
3 KB 32ms
30ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/manu.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac88c8b1336fc9a06690a5f36e632fb0c1a2baa4871e7b4623ffe7765c172d2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-2142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Sw9%2Fyjt8O35TpxnWNoxlAuQRqKVf9jnccWRd0o48pcKpxINFz6TIIRLx8vNxw7HDK3rZ7NVtxs3jVPbEVUuOnSq2NECdK3yeWdjXO9nNnRzyuRubn%2B0srrtNvtOtg%2BIN7DOOoBonver%2BnNHTpw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad82e5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 meri.svg
rpzztznncm.pics/img/ 3 KB
2 KB 29ms
28ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/meri.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe790203d627713953e9e50255fee1feb140e12f31c40ec392bca4a3446030a9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-d9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=91KAvXl0zrXE9X6noNR6cUTkoWSrmjnPr5GiZ3t8t9dVAJoyOvvYoWr9NxETLEMr9xLLe5qYX%2FOq%2F1RvwQErQUKOmNPp1TNYBpMZWJAI1LKeTbeAUGzYzGQsPkwIKW2%2B6HhX1RS2KM4oaFCTNSg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8315d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 motus.svg
rpzztznncm.pics/img/ 4 KB
2 KB 30ms
29ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/motus.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 871719d328f5e271c2e8211f2d222a215d239f497bcbbeaff061d192b66f53ca

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-fb9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X0UUA6CqbQydQd5aZgjKasEMVIsyqlGQyFpaQIdMMhRc9pIV%2BBmQIJZr3SL3AqiXC1uVFLWfRXbLn4rOENcKGZOaAlxX5FTKXhnUt0AAk5HrXEl4W1dbeesZvZl%2BUwix8MvB7sVulxvJIkb%2B25s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8375d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 nat.svg
rpzztznncm.pics/img/ 5 KB
2 KB 33ms
32ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/nat.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94cee90303fbc11e769c3d0eb8f72017acb4b390c6800f3cdfffed066a9a2986

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-13f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pmRmdSg2kcDrbyYrwdTUnWPh5de05qvuOeetINSKYczlKAmYmiyB1ybBJn6AETerBG79CN1uyJazURKBTeuGwjfaIchy818bTa%2BWKsduEwGJ6xsrxxhtHXY2Tq2%2Bd0SDkg3i5XctlgdCyfw7Q3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8395d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 financ.svg
rpzztznncm.pics/img/ 11 KB
5 KB 34ms
33ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/financ.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b8f8a557b59ec01d3db03ab3317224334cd692c7a4ba3f455181f90220795a7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-2b41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7DR7hDyjCrgSpvstxUmKY3vEGr5SfmJzXZuMBiG2EvZWudErn%2Fe2x2RfZvCbYHah045roIuJ8PLuVldcdYB%2BoRsmEmY82wjSsRyVeCbcwxGCAYduXQGioE43SSBCT7DDp%2FwfvN8Lv12rVEKDXyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad83d5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 peop.svg
rpzztznncm.pics/img/ 7 KB
3 KB 41ms
40ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/peop.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d23c857b93d59d59f9e035586f39121795d09e9c08161d7784e2e18e4683b2d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-1b26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6behYCRl74injWkBJtis%2F%2BuwWcMd9rEbVj3iAvwYL%2FFA8al8sjm1aY5R8jvsqUKpr9oLGSQM47qau9soDugPYwmeA8dFQbzbusTwIzB1B%2FhsPfTvpdnPyWUjv2OD%2FXrNMmm6KvBMDtM5kDc1KLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8415d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 scotia.svg
rpzztznncm.pics/img/ 4 KB
2 KB 35ms
34ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/scotia.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53efae3b084ec3d78ffd09836a8a518385398c8ec2427b5413574ac26472674d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-e23"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6QOWY9URwiYm%2BRp8iXynVsmqXzk%2B3nDHzLOHPrmS7So%2FmhRue%2FVpNqGr%2Fp1yeqzEYwGdCnb2ELmMtDWtweZwj9bjyJk6xhVmZittVthxSGbZKx0PHUoGGMxbz46HAdK0SV2eSURE%2B0YU366sAuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8465d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 simp.svg
rpzztznncm.pics/img/ 8 KB
4 KB 37ms
36ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/simp.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 966d892ac6aed4ca5da4c19b2c3b7ae22b35bdc0d1bf8a97084048a621eb7ef5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-202b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKnIsbD75OXfqgwByzvumTgwjtUx62kgamopjtbgmpEZQI5apXNaoa1dfsVaxw7YU63YeiLAy6jwi%2FZFUpKL44hypvbqSQyMoeYO09qokalEXXku%2BCfNvST0mKuewV5VRuq%2BTOpJa5EHKX3hbso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad84a5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 tangerine.svg
rpzztznncm.pics/img/ 7 KB
3 KB 37ms
36ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/tangerine.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a710a36e43fd4251dc9e7ea725333404f0a50598297f67238956555bc4b3bd23

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-1b90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvpwdrkKqyVeEd4x%2BufcWbYqLNNPx6zlYOJJgHm4IWtpXE2K6dL9pi9WlPrvqrKOtrJNNQnURYPY88MqTvpjxbPLu8SKcLFV0jhET7kxW7ccR3WcApBA%2Bv7t2jvSktXnAyPIIkHvD4l0zfbOCxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad84d5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 td.svg
rpzztznncm.pics/img/ 945 B
1 KB 43ms
42ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/td.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b610cf830e7cb984cb0ad1e39428b631fbd6db7e3c4b9220c4672ca48864055

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-3b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBIrhyf%2Bgsl0pg4Mdf8Efz%2FLRX7z5W%2BoB6wBKw3bRuG26LrwYoqIapBwNRzitYRCXWhjbXPPjrxLGgjJIO%2Bx5YP97uIAr5UL1Su%2Bv2eHK%2FB4fBrUXCsvJEQwzAJsNlHz3mvsL0QKfBvTz%2BRA62s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad84f5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 rbc.svg
rpzztznncm.pics/img/ 5 KB
3 KB 39ms
38ms Image
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpzztznncm.pics/img/rbc.svg
Requested by: Host: rpzztznncm.pics
URL: https://rpzztznncm.pics/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34cdbe5ad40b8023272c20688cb448c890c342ed2d49e191f2034671a803b6ec

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-14c1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MBfhJd3khoCMKj3Ir2IlIu5HXP3t8EGMcdM3lKLKwJkPYCbkuNZjGsDfcbnDn3dnCb%2BUzFxMJ7JVO2TK0PctzdKNT9ISi7LnkYU3Ck1275ldBljLAQLfkEoHkbgFPdOpMsy%2B2FqkDd%2Bp%2B%2FahmY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2badad8525d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

GET
H3 200 etransfer_logo.svg
rpzztznncm.pics/img/ 3 KB
0 0ms
0ms Other
image/svg+xml 2606:4700:3033::6815:5ab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpzztznncm.pics/img/etransfer_logo.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:5ab1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cc0d2da3df362a41c529546ec109192feee1c804ba930c85b0977f1224a7eea

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://rpzztznncm.pics/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 01 May 2024 21:05:28 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 May 2024 17:11:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5621
etag: W/"663277c9-d9b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcULr8H3pxUMrD8d12OcF6bsAhhAlqjjBC48x6C%2BVHfQZ7uwKUnM%2B3preJnr6nssYsm8K33ed0kg6HXp8VHQDej0AlHBFeWr%2B9%2FKQUk0tVfSdFquoyOStEXzbF5xDNFBLMQ6j8WmxZGgwvVJre4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=86400
cf-ray: 87d2bada4f7e5d6f-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 02 May 2024 19:31:47 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Interac (Banking) Scotiabank (Banking) DesJardins (Financial)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			rpzztznncm.pics/	1970-01-21 05:52:37	Name: hash Value: IjI2NTcwMTcxNDU5NzUyOCI%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
rpzztznncm.pics
2606:4700:3033::6815:5ab1
2a00:1450:4001:803::200a
02a58262cc3b62a474f67f8d7696bd6754e9cfaef0917b2472f12fe58c1ddef6
0ac88c8b1336fc9a06690a5f36e632fb0c1a2baa4871e7b4623ffe7765c172d2
0b610cf830e7cb984cb0ad1e39428b631fbd6db7e3c4b9220c4672ca48864055
1b8f8a557b59ec01d3db03ab3317224334cd692c7a4ba3f455181f90220795a7
2cc0d2da3df362a41c529546ec109192feee1c804ba930c85b0977f1224a7eea
2d23c857b93d59d59f9e035586f39121795d09e9c08161d7784e2e18e4683b2d
34cdbe5ad40b8023272c20688cb448c890c342ed2d49e191f2034671a803b6ec
36905fec112199bbe86e19ad00b37bf49474d9f1411148353c33252c9480a4b0
45f8924501acf0b74cd643c2b31884c5a672fd14fc5a8655a96eb12ee61a53e6
53efae3b084ec3d78ffd09836a8a518385398c8ec2427b5413574ac26472674d
57fcc59774125fb8e55a3bf640ec8d460b230d561257f3854a74a86d1b50530a
5aa5469631ad9b869f2cb6d18c6a9e0270a28b51764ba91077ae1582a550df86
615c1250335dcbfddff71eb876481abfdcbb93014d1b7892fff34b5a11d1f3c1
871719d328f5e271c2e8211f2d222a215d239f497bcbbeaff061d192b66f53ca
94cee90303fbc11e769c3d0eb8f72017acb4b390c6800f3cdfffed066a9a2986
95f35aa0c2e2585bee1a80fd70e62cd0280f24c1d16f79a2e0fb5913d5885b75
966d892ac6aed4ca5da4c19b2c3b7ae22b35bdc0d1bf8a97084048a621eb7ef5
a61c1d3e6748d60d00bd9a6c8b97e43a3c6c353d7bce861d1a83a6e730bdc85d
a710a36e43fd4251dc9e7ea725333404f0a50598297f67238956555bc4b3bd23
cd831beffe1b0b1111a53c87e007a3bb6e8d60af1fed24a8d961bb430de3416e
dbab7376beeb0b3d3f058c9ed6aea3dca17100a2e2b79c0290ed60c44e309ab0
e809b0eb980a76fdbb2e3fd35fbdbd53f3066757d709535488bb2b535e7c1287
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fe790203d627713953e9e50255fee1feb140e12f31c40ec392bca4a3446030a9

rpzztznncm.pics Open in urlscan Pro 2606:4700:3033::6815:5ab1 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

92 kBTransfer

255 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

Indicators

rpzztznncm.pics Open in urlscan Pro
2606:4700:3033::6815:5ab1 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

92 kB
Transfer

255 kB
Size

1
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!