212.104.43.201 Open in urlscan Pro
212.104.43.201 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://212.104.43.201/errors/53/ndex.php
Submission: On December 09 via automatic, source openphish (December 9th 2022, 1:27:26 am UTC) — Scanned from DE

Summary HTTP 258 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 25 domains to perform 258 HTTP transactions. The main IP is 212.104.43.201, located in Italy and belongs to INIT-AS, IT. The main domain is 212.104.43.201.

This is the only time 212.104.43.201 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fifth Third Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
94	212.104.43.201 212.104.43.201	9076 (INIT-AS) (INIT-AS)
2	104.111.239.138 104.111.239.138	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.243.172.78 34.243.172.78	16509 (AMAZON-02) (AMAZON-02)
6	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	96.16.149.96 96.16.149.96	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	3.22.179.81 3.22.179.81	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
16	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2.21.20.135 2.21.20.135	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	99.80.65.0 99.80.65.0	16509 (AMAZON-02) (AMAZON-02)
1 2	54.75.234.63 54.75.234.63	16509 (AMAZON-02) (AMAZON-02)
1	52.19.35.175 52.19.35.175	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2600:9000:225... 2600:9000:225e:7400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 3	142.0.165.165 142.0.165.165	7160 (NETDYNAMICS) (NETDYNAMICS)
3 5	142.0.173.20 142.0.173.20	7160 (NETDYNAMICS) (NETDYNAMICS)
1	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
27	91.235.132.75 91.235.132.75	30286 (THM) (THM)
1 5	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	192.225.158.3 192.225.158.3	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
258	37

94 212.104.43.201 (Italy)

ASN9076 (INIT-AS, IT)

212.104.43.201	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.239.138 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-138.deploy.static.akamaitechnologies.com

www.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.172.78 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-172-78.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.16.149.96 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-149-96.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.22.179.81 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-179-81.us-east-2.compute.amazonaws.com

collector-16829.us.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.135 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-135.deploy.static.akamaitechnologies.com

fast.fifththird.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.65.0 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-65-0.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.75.234.63 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-234-63.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.35.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-35-175.eu-west-1.compute.amazonaws.com

fifththirdbank.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:7400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

tms.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.0.165.165 (Ashburn, United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

eloqua.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.0.173.20 (United States) 3 redirects

ASN7160 (NETDYNAMICS, US)

contactforms.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States) 1 redirects

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 91.235.132.75 (United States)

ASN30286 (THM, US)

event.evtm.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net

3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma18db20730453836csac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma6955b138f199c193am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	53.com 4 redirects www.53.com — Cisco Umbrella Rank: 77221 tms.53.com eloqua.53.com — Cisco Umbrella Rank: 113194 contactforms.53.com — Cisco Umbrella Rank: 113512 event.evtm.53.com — Cisco Umbrella Rank: 70238	175 KB
25	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	1 MB
16	google.com www.google.com — Cisco Umbrella Rank: 2	2 KB
7	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 3209 3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma18db20730453836csac.d.aa.online-metrix.net 3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma6955b138f199c193am1.e.aa.online-metrix.net	33 KB
7	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 458	166 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6073	848 B
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	5 KB
5	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 546 platform.twitter.com — Cisco Umbrella Rank: 727 syndication.twitter.com — Cisco Umbrella Rank: 1025	105 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 619 px4.ads.linkedin.com — Cisco Umbrella Rank: 6442	3 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 198 fast.fifththird.demdex.net	6 KB
3	t.co 1 redirects t.co — Cisco Umbrella Rank: 504	1 KB
3	tvsquared.com collector-16829.us.tvsquared.com — Cisco Umbrella Rank: 100817	9 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	55 KB
2	addthis.com m.addthis.com — Cisco Umbrella Rank: 1578 s7.addthis.com — Cisco Umbrella Rank: 1623 Failed	26 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 865	375 B
2	everesttech.net 2 redirects cm.everesttech.net — Cisco Umbrella Rank: 949	772 B
2	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 923	3 KB
2	en25.com img.en25.com — Cisco Umbrella Rank: 5869	5 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	185 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 400	1 KB
1	omtrdc.net fifththirdbank.tt.omtrdc.net — Cisco Umbrella Rank: 74342	536 B
1	gstatic.com fonts.gstatic.com	44 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 761	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 614	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36	1 KB
258	25

	Domain	Requested by
27	event.evtm.53.com	212.104.43.201 event.evtm.53.com
25	www.googletagmanager.com	assets.adobedtm.com www.googletagmanager.com 212.104.43.201
16	www.google.com	212.104.43.201
7	assets.adobedtm.com	212.104.43.201 assets.adobedtm.com
5	h.online-metrix.net	1 redirects 212.104.43.201 event.evtm.53.com
5	www.google.de	212.104.43.201
5	contactforms.53.com	3 redirects 212.104.43.201
5	googleads.g.doubleclick.net	www.googletagmanager.com
3	eloqua.53.com	1 redirects 212.104.43.201
3	t.co	1 redirects 212.104.43.201
3	collector-16829.us.tvsquared.com	212.104.43.201
3	connect.facebook.net	assets.adobedtm.com connect.facebook.net
3	dpm.demdex.net	1 redirects assets.adobedtm.com 212.104.43.201
2	syndication.twitter.com	platform.twitter.com 212.104.43.201
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	analytics.twitter.com	212.104.43.201
2	cm.everesttech.net	2 redirects
2	pixel.mathtag.com	1 redirects 212.104.43.201
2	img.en25.com	212.104.43.201
2	www.53.com	212.104.43.201
1	3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma6955b138f199c193am1.e.aa.online-metrix.net
1	3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma18db20730453836csac.d.aa.online-metrix.net	212.104.43.201
1	www.facebook.com	212.104.43.201
1	s7.addthis.com	212.104.43.201
1	m.addthis.com	212.104.43.201
1	platform.twitter.com	212.104.43.201
1	tms.53.com	assets.adobedtm.com
1	z.moatads.com	212.104.43.201
1	px4.ads.linkedin.com	212.104.43.201
1	www.linkedin.com	1 redirects
1	fifththirdbank.tt.omtrdc.net	assets.adobedtm.com
1	fast.fifththird.demdex.net	assets.adobedtm.com
1	fonts.gstatic.com	fonts.googleapis.com
1	snap.licdn.com	assets.adobedtm.com
1	static.ads-twitter.com	assets.adobedtm.com
1	fonts.googleapis.com	212.104.43.201
258	37

This site contains links to these domains. Also see Links.

Domain
www.53.com
locations.53.com
express.53.com
onlinebanking.53.com
ir.53.com

Subject Issuer	Validity	Valid
www.53.com Entrust Certification Authority - L1K	`2022-07-28` - `2023-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-17` - `2022-12-16`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
evtm.53.com Entrust Certification Authority - L1K	`2022-08-11` - `2023-08-11`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.d.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-02-23` - `2023-03-27`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2022-06-08` - `2023-07-10`	a year	crt.sh

This page contains 20 frames:

Primary Page: http://212.104.43.201/errors/53/ndex.php
Frame ID: 1800514DC21A4AD1A7CF140CA61C0D7F
Requests: 155 HTTP requests in this frame

Frame: http://fast.fifththird.demdex.net/dest5.html?d_nsid=0
Frame ID: 6A911795828AD7511C5C95F00A49FDAF
Requests: 1 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 29AC8E90A0FBD6F65FEE9CBC4FA16AA4
Requests: 1 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/widget_iframe.67506ef287a81e691ccccf99870d175e.html
Frame ID: 538904AE1F8C0B8FBBCC91D09FF35D02
Requests: 2 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource.html
Frame ID: ECD7F57F9BC8107B9873ABF977079310
Requests: 1 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/pixel.html
Frame ID: 255A97A8E0E5159CAD02DCD6392B01FE
Requests: 1 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
Frame ID: F5064A10666C919B370E2625F10727BC
Requests: 49 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.67506ef287a81e691ccccf99870d175e.html?origin=http%3A%2F%2F212.104.43.201
Frame ID: 98C52E54688207C10E289FD78E8EB40D
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 48C1FFF7C486283B62C95AE1BFA131CC
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 5C3DBF83323E94A86B10C45B38715635
Requests: 1 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/CuIQ82MsLMls0QO3.html
Frame ID: 4E70EAB5687F5F638AF75E0DC8F93E70
Requests: 3 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/nxvG008dYMqvZr9C.html
Frame ID: B785B867723F831084E7A2D8A79002A4
Requests: 2 HTTP requests in this frame

Frame: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/OMZ03uFcGWdgppHM.html
Frame ID: 3BA6EC9C8FA5433262194E0CC8940248
Requests: 1 HTTP requests in this frame

Frame: https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c
Frame ID: 69144431BA158591B0554469C015C400
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c
Frame ID: C3F0CD8DD351C985E1D175A7D8D05FEE
Requests: 1 HTTP requests in this frame

Frame: https://event.evtm.53.com/fp/top_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c
Frame ID: 076ACDF84BABC4DC13DA0A8B5A1961A7
Requests: 1 HTTP requests in this frame

Frame: https://event.evtm.53.com/2tS86Iyzecp6FtLb?7189fed76399583c=Aw4d40FD5MX8BPg4DQFC8X8FjnmMjht44SzG_EUcltN96EVW8RLYYd1tdSYI-da-XJakfZF_ijwM4km0EDvCAuvoreHGvE5oSTa2YA-7gCuSI-Jo_PlNcsh4Ta7T8DF_YcBQGCXjaTXAER8W2n0-i0mRpblX62Kg2SlfljhwQV5nWw0KZSl4YFTG7SJgSf_B8MhYG-e76YnmuTXC&jb=3739262668716d7735556b6c6467777124687b6d3d55696664677571253030333224687160753d436a706d6f6d2468716235436a706d6567253030393030
Frame ID: F9647C6418D04A093CE37AABE3D8C377
Requests: 29 HTTP requests in this frame

Frame: https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193
Frame ID: 90DAB0C7C426483AA38124CFAA8F6A34
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193
Frame ID: A1A6908179EA44A1F4060F65111BA2C5
Requests: 1 HTTP requests in this frame

Frame: https://event.evtm.53.com/fp/top_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193
Frame ID: 6191E881110A5EDDA8CD2799EE46BCF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fifth Third Banking Login | Fifth Third Bank

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

258
Requests

38 %
HTTPS

36 %
IPv6

25
Domains

37
Subdomains

37
IPs

5
Countries

4778 kB
Transfer

11268 kB
Size

36
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.53.com/content/fifth-third/en.html

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/customer-service.html
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://locations.53.com/search.html
Title: Branch & ATM Locator

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/login.html
Title: Online Banking Login

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/business-banking.html
Title: Business

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/commercial-banking.html
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/wealth-management.html
Title: Wealth Management

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/financial-insights.html
Title: Financial Insights

Search URL Search Domain Scan URL

URL: https://express.53.com/portal/auth/login/Login
Title: Go To Login

Search URL Search Domain Scan URL

URL: https://onlinebanking.53.com/ib/#/forgotUserId
Title: Forgot User ID

Search URL Search Domain Scan URL

URL: https://onlinebanking.53.com/ib/#/forgotPassword
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://onlinebanking.53.com/ib/#/newUser
Title: Register

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/personal-banking/about.html
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/careers.html
Title: Careers

Search URL Search Domain Scan URL

URL: https://ir.53.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/media-center.html
Title: Media Center

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/privacy-security.html
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/sitemap.html
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/login.html#0

Search URL Search Domain Scan URL

URL: https://www.53.com/content/fifth-third/en/login.html
Title: Continue

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

http://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841 HTTP 302
https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841

Request Chain 92

http://cm.everesttech.net/cm/dd?d_uuid=62915897234397792091494096015931590193 HTTP 301
https://cm.everesttech.net/cm/dd?d_uuid=62915897234397792091494096015931590193 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5KO9wAAAGPZLgOY HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5KO9wAAAGPZLgOY

Request Chain 98

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1227018%26time%3D1670549238942%26url%3Dhttp%253A%252F%252F212.104.43.201%252Ferrors%252F53%252Fndex.php%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&liSync=true&e_ipv6=AQL5SN0odak0PQAAAYT0fneJwlDJHZgWQ5mEj738KV1pSgXrzud1vOsVi9ATb7aC7u7hm6iKm6gN

Request Chain 119

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=939&optin=disabled&firstPartyCookieDomain=eloqua.53.com HTTP 302
http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=C0D59C02863D43FDBA15B3FE5CC6F444

Request Chain 120

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&firstPartyCookieDomain=contactforms.53.com HTTP 301
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&firstPartyCookieDomain=contactforms.53.com HTTP 302
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=4BA3838308CD46899D2CFD5BB4CB45EF

Request Chain 132

http://www.googletagmanager.com/gtag/js?id=AW-983180037&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-983180037&l=dataLayer&cx=c

Request Chain 133

http://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

Request Chain 134

http://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

Request Chain 135

http://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c

Request Chain 136

http://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c

Request Chain 137

http://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c

Request Chain 138

http://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c

Request Chain 139

http://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c

Request Chain 140

http://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c

Request Chain 141

http://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c

Request Chain 142

http://www.googletagmanager.com/gtag/js?id=DC-8694649&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=DC-8694649&l=dataLayer&cx=c

Request Chain 169

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=287&optin=disabled&firstPartyCookieDomain=contactforms.53.com HTTP 301
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=287&optin=disabled&firstPartyCookieDomain=contactforms.53.com

Request Chain 176

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8e8212c4-86d6-49a8-b342-ad70034178f0&tw_document_href=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php HTTP 301
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8e8212c4-86d6-49a8-b342-ad70034178f0&tw_document_href=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php

Request Chain 192

https://h.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&k=2

258 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ndex.php Show response
212.104.43.201/errors/53/ 137 KB
30 KB 319ms
292ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache / PHP/5.4.32

Resource Hash

6e11ce8ffe786ab9f748b448dd66599c68d16a1601c923c31546b69b0063af67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 30595
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:18 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-
X-Powered-By: PHP/5.4.32

GET
H/1.1 200
OK 1.txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 979 B
857 B 68ms
34ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/1.txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

d4c1f6eab6131263f57b3d9061e16f1a301b459007456a6e0ca28f103ed5e263

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:17:44 GMT
Server: Apache
ETag: "3d3-5dc0ea080c600-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 506

GET
H/1.1 200
OK 1(1).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 1 KB
870 B 82ms
43ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/1(1).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

5acfc48a41239342182d717cae97a3f2eeaadc65de5197a453d9c22916a6d2e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:17:46 GMT
Server: Apache
ETag: "5ad-5dc0ea09f4a80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 519

GET
H/1.1 200
OK moatframe.js.download.pagespeed.jm.q8S0nE8PWt.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 77ms
39ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/moatframe.js.download.pagespeed.jm.q8S0nE8PWt.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e066a62ef164512caa140fd3d0dead52fc1e873eec9f4d9d22b33ed0275ff69f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 868
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK f.txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 39 KB
15 KB 35ms
35ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f.txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

58458c9c39d176d9adc253f615f6d5d6929025f079b9cea6da5ff75b78412fdb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:17:48 GMT
Server: Apache
ETag: "9af8-5dc0ea0bdcf00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 14892

GET
H/1.1 200
OK s51743366982328 Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 630 B
902 B 58ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/s51743366982328

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

f45ec73ed0170ed570970be499256b77b705c4d05c4410a4b186672502a6ccdc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:50 GMT
Server: Apache
ETag: "276-5dc0ea0dc5380"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 630

GET
H/1.1 200
OK clientlib-style.1954f4093b5533f0047a9dd5f8be8b06.css
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 233 KB
34 KB 131ms
108ms Stylesheet
text/css 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-style.1954f4093b5533f0047a9dd5f8be8b06.css

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

9a9cec6674cbcf903acbced47f3767ff6decdc4a282364f6c0cef79215c24ca2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:17:50 GMT
Server: Apache
ETag: "3a545-5dc0ea0dc5380-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 34210

GET
H/1.1 200
OK clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 8 KB
2 KB 60ms
31ms Stylesheet
text/css 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

95e07b9ed10bad5fc15c9e4eb80c3a5a5a53d45203a8225685ca2f53334b5903

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:17:50 GMT
Server: Apache
ETag: "20fb-5dc0ea0dc5380-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1715

GET
H/1.1 200
OK js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 38ms
38ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

2481465e3591d162511396262b10cae3c38d9d95ff66295f71f51d34bb351676

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:52 GMT
Server: Apache
ETag: "19c2f-5dc0ea0fad800"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 105519

GET
H/1.1 200
OK js(1) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 45ms
45ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(1)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

aecc706dd4ccbdf536a374aa7c4c21b1e249c4d268161a352392fc909bc5fce8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:52 GMT
Server: Apache
ETag: "19c2f-5dc0ea0fad800"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 105519

GET
H/1.1 200
OK js(2) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 31ms
31ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(2)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

a17e4678a54e9eee5f2e369fde108f5d00dedda59b6390327104f69bfcadec80

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:52 GMT
Server: Apache
ETag: "19c2f-5dc0ea0fad800"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 105519

GET
H/1.1 200
OK js(3) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 93 KB
93 KB 34ms
34ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(3)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

ba9201f802bc367f2967bf575b0230706129bedbe1e03adbb884ee4e332f92b8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:54 GMT
Server: Apache
ETag: "17252-5dc0ea1195c80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 94802

GET
H/1.1 200
OK js(4) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 38ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(4)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

7d16732fea2b9dc9d4d6cb6221a1b607be03947d5ae0787d3c2048deb7fe4c89

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:54 GMT
Server: Apache
ETag: "19c2f-5dc0ea1195c80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 105519

GET
H/1.1 200
OK js(5) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 29ms
29ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(5)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

fd431359d3a9f7aa606f0e6d95fe3ad040174939b74c4421e544fae1dc90957d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:54 GMT
Server: Apache
ETag: "19c2f-5dc0ea1195c80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 105519

GET
H/1.1 200
OK js(6) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 35ms
34ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(6)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

c26d0ba4a7c58359268d0b8e27a3623fb27cf44a876deb2a71683d2e082d135e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:56 GMT
Server: Apache
ETag: "19c2f-5dc0ea137e100"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 105519

GET
H/1.1 200
OK js(7) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 37ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(7)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

3e7528d8b58f815ff60129b7da92f50e6a3efe6b0a3c151bc2a7934b692813d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:56 GMT
Server: Apache
ETag: "19c2f-5dc0ea137e100"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 105519

GET
H/1.1 200
OK js(8) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 46ms
46ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(8)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

f144a33cc86927c783f624044cb7138cebaf7fec4ff9bab71257631e0d94eb1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:56 GMT
Server: Apache
ETag: "19c2f-5dc0ea137e100"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 105519

GET
H/1.1 200
OK js(9) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 34ms
34ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(9)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

6ed0d8f86799b2f2e20f0653b1cf9b4db711969437f852eaefa98f5288fa9a08

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:58 GMT
Server: Apache
ETag: "19c2f-5dc0ea1566580"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 105519

GET
H/1.1 200
OK widgets.js.download.pagespeed.jm.cKojR_ETqK.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 97 KB
29 KB 120ms
82ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/widgets.js.download.pagespeed.jm.cKojR_ETqK.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

42ed84a1baa7e1cd3eb0d4bdd4abb98bc76a7aef63cee1e9c6650d55bf898f16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 29156
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK elqCfg.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 6 KB
2 KB 45ms
45ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/elqCfg.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:00 GMT
Server: Apache
ETag: "17c0-5dc0ea174ea00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2183

GET
H/1.1 200
OK insight.min.js.download.pagespeed.jm.RbxgZaWfeL.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 8 KB
3 KB 100ms
34ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/insight.min.js.download.pagespeed.jm.RbxgZaWfeL.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

c7fe152c1a9be1a9d0e160a9e4a2894d5e218a6cd2f2f0af4cff2604536ae4a5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 3101
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK init.js.download.pagespeed.jm.Zhd7apswgv.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 475 B
716 B 91ms
30ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/init.js.download.pagespeed.jm.Zhd7apswgv.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

b61cc7c14a4428be0acd081e6a914fc718a7d7f40da2940b4aa3e76e309409a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 295
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK launch-EN819648af9c424f3b9bbb22ae68c6cb6a.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 568 KB
133 KB 159ms
92ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/launch-EN819648af9c424f3b9bbb22ae68c6cb6a.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

61ef6ebd83880427254cc60e456ed8e816b0179d2115625952a0172ecf53e1b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:04 GMT
Server: Apache
ETag: "8e045-5dc0ea1b1f300-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK AppMeasurement.min.js.download.pagespeed.jm.WMPvfU5Q9f.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 32 KB
12 KB 100ms
45ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/AppMeasurement.min.js.download.pagespeed.jm.WMPvfU5Q9f.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

6a0b584588fc7cc820e19ba29f2c983336b939888f5df851ae519bc04ff87a67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 12065
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.min.js.download.pagespeed.jm.r4QZDvL7M7.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 3 KB
2 KB 76ms
31ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/AppMeasurement_Module_ActivityMap.min.js.download.pagespeed.jm.r4QZDvL7M7.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

cdf8da32cc1aa8005087225016fca4d477184ec099634470bd0d973ecac6a295

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 1510
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK AppMeasurement_Module_AudienceManagement.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 25 KB
9 KB 94ms
44ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/AppMeasurement_Module_AudienceManagement.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:06 GMT
Server: Apache
ETag: "621b-5dc0ea1d07780-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 8764

GET
H/1.1 200
OK js(10) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 77ms
33ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(10)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

937d5bead8f96253b3b76b7880013bbf01e0752c76e0e9aaf079ad96c97353c2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:08 GMT
Server: Apache
ETag: "19c03-5dc0ea1eefc00"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 105475

GET
H/1.1 200
OK uwt.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 14 KB
6 KB 51ms
32ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/uwt.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:08 GMT
Server: Apache
ETag: "3847-5dc0ea1eefc00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 5410

GET
H/1.1 200
OK 1221502774554360 Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 41 KB
41 KB 67ms
36ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/1221502774554360

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

4c4303e967f0ae9417a14064fd440434f3f8b34ae2904b6c15f19145371d0cce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:10 GMT
Server: Apache
ETag: "a36f-5dc0ea20d8080"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 41839

GET
H/1.1 200
OK fbevents.js.download.pagespeed.jm.7u9hfxZ1Ho.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 98 KB
26 KB 101ms
73ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/fbevents.js.download.pagespeed.jm.7u9hfxZ1Ho.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

3ceb26dc98e521fc949573f8493ce314dd305a5dcc035d18aaeb25087d7e1679

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 25735
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK js(11) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 103 KB
103 KB 51ms
38ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/js(11)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

38d52d917db4751743ef05ad3ce6797efdf445509b4edcb17f24280c9c6d761a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:10 GMT
Server: Apache
ETag: "19c1a-5dc0ea20d8080"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 105498

GET
H/1.1 200
OK f(1).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 113ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(1).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

38f7a4c4508c888611c0ce908ddfbd796ae670cb605346c66c02c3d57e8ea53e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:12 GMT
Server: Apache
ETag: "6ea-5dc0ea22c0500-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1061

GET
H/1.1 200
OK f(2).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 116ms
36ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(2).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

9221a87227e1403f9c4a83e972e099238300319ba2670625b1d160538c15803c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:12 GMT
Server: Apache
ETag: "6ea-5dc0ea22c0500-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1061

GET
H/1.1 200
OK f(3).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 121ms
31ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(3).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

76931b251108864b8d8bf535da0aa609ff2eb0c35827fbd7461da39724685a25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:12 GMT
Server: Apache
ETag: "6ea-5dc0ea22c0500-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1062

GET
H/1.1 200
OK f(4).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 151ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(4).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

068e4862f846253071978b2f5047e77d32fcd94f39a6973521ec77f8c101135f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:14 GMT
Server: Apache
ETag: "6fe-5dc0ea24a8980-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1071

GET
H/1.1 200
OK f(5).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 153ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(5).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

fcf1e885637814fc0c5ee0b07e8bbec9d239aaf48ce05cd798bd1c60c4a4a6ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:14 GMT
Server: Apache
ETag: "6eb-5dc0ea24a8980-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1061

GET
H/1.1 200
OK f(6).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 153ms
30ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(6).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

c5ba02994baea9b4000849c605d456307fec2b6fae44f368a5d24837ac3d0787

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:14 GMT
Server: Apache
ETag: "6eb-5dc0ea24a8980-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1063

GET
H/1.1 200
OK f(7).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 190ms
39ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(7).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

ccfb00fc2c8b64b2947f994dffe143a1ee5f8bf51792317034b76f0414d6211f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:16 GMT
Server: Apache
ETag: "6eb-5dc0ea2690e00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1063

GET
H/1.1 200
OK f(8).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 190ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(8).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e149fce34c40d54a6cb3595ed70072bef3417f033381a7e0cda77de72fbdfeb4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:16 GMT
Server: Apache
ETag: "6ea-5dc0ea2690e00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1061

GET
H/1.1 200
OK f(9).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 184ms
31ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(9).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

ac8b118f318ee62201e74ae2ce6db498dbaa795a405cd44c89e9e0a8e6c1d5d7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:16 GMT
Server: Apache
ETag: "6eb-5dc0ea2690e00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1061

GET
H/1.1 200
OK f(10).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 183ms
28ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(10).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

3e3e4b8730f174185e0904c988f12bfd64ededbcbbc6279772e7d386760c659f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:16 GMT
Server: Apache
ETag: "6eb-5dc0ea2690e00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1062

GET
H/1.1 200
OK f(11).txt Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 193ms
38ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/f(11).txt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

ab6e443c2a6585d90251380b4e5bfd091d21fdfc08f99b400cf45a4306df04bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:16 GMT
Server: Apache
ETag: "6eb-5dc0ea2690e00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/plain
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1062

GET
H/1.1 200
OK RCaac05d6061834e998c7762867e58c1f4-source.min.js.download.pagespeed.jm.XQ-zBriXTU.js Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 1 KB
955 B 31ms
29ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/RCaac05d6061834e998c7762867e58c1f4-source.min.js.download.pagespeed.jm.XQ-zBriXTU.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

7d004f0303b89cf4524457a9b6295ab616582c9b005e2d58b4c128211322a834

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Dec 2022 22:26:51 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 534
Expires: Fri, 08 Dec 2023 22:26:51 GMT

GET
H/1.1 200
OK RC610020f9feb9444981811dd2ff136847-source.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 943 B
897 B 36ms
30ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/RC610020f9feb9444981811dd2ff136847-source.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

61ff0f6160006980cf92b651931c35f425858672bf8a532f7dacd6a9ac452070

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:18 GMT
Server: Apache
ETag: "3af-5dc0ea2879280-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 535

GET
H/1.1 200
OK RC2fbb197127024365b804821684503738-source.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 941 B
893 B 60ms
37ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/RC2fbb197127024365b804821684503738-source.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

3b203eebe4947d46365e5cebc597e4d549cfc6cc1d629ad96cb3679ed694caf3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:18 GMT
Server: Apache
ETag: "3ad-5dc0ea2879280-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 531

GET
H/1.1 200
OK 88qs0x8k4m6iu615.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 87 KB
12 KB 225ms
42ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/88qs0x8k4m6iu615.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

a9920fb7bbe1320272d5764d7def7cf8b369d1c79d4b17b8cbf04a237a712c56

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:20 GMT
Server: Apache
ETag: "15ddb-5dc0ea2a61700-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 11752

GET
H/1.1 200
OK layers.fa6cd1947ce26e890d3d.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 263 KB
74 KB 101ms
97ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/layers.fa6cd1947ce26e890d3d.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:22 GMT
Server: Apache
ETag: "41cf5-5dc0ea2c49b80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97

GET
H/1.1 200
OK logo.svg
www.53.com/content/dam/fifth-third/brand/ 0
0 1081ms
1017ms Image
text/html 104.111.239.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.53.com/content/dam/fifth-third/brand/logo.svg
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H/1.1 503
Service Unavailable 1440x565-ftblue-other.jpg
212.104.43.201/content/dam/fifth-third/heroes/ 2 KB
2 KB 39ms
34ms Image
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://212.104.43.201/content/dam/fifth-third/heroes/1440x565-ftblue-other.jpg

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache / PHP/5.4.32

Resource Hash

eb24fb8daa08ff8628f200d3ecfc9850d9632537b342a1ea219002d6d372d5fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Server: Apache
Connection: close
X-Powered-By: PHP/5.4.32
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK equal_housing_logo.png
www.53.com/content/dam/fifth-third/brand/icons/ 0
0 890ms
826ms Image
text/html 104.111.239.138
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.53.com/content/dam/fifth-third/brand/icons/equal_housing_logo.png
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.239.138 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-239-138.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H/1.1 200
OK logo.svg
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 5 KB
5 KB 67ms
36ms Image
image/svg+xml 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/logo.svg

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:22 GMT
Server: Apache
ETag: "130b-5dc0ea2c49b80"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 4875

GET
H/1.1 200
OK patternlab.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 402 KB
115 KB 109ms
108ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/patternlab.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

61c857f49daf5027a73cc384e5e75d01e0b9123a7e77792ab282026f451f6ed9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:22 GMT
Server: Apache
ETag: "64602-5dc0ea2c49b80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98

GET
H/1.1 200
OK cms.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 25 KB
6 KB 32ms
32ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/cms.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

9604dbabba22c1d2ef244a1b76ec794b0fdb510dcfe6b6b7fee3b300e4e25e65

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:22 GMT
Server: Apache
ETag: "624e-5dc0ea2c49b80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 5975

GET
H/1.1 200
OK loadLogonScript.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 1 KB
799 B 39ms
38ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/loadLogonScript.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

b4831187612ef74589b40199fa2014e002128688eaaf14ebc9d8efa2085ec6f5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:22 GMT
Server: Apache
ETag: "42b-5dc0ea2c49b80-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 437

GET
H/1.1 200
OK addthis_widget.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 353 KB
112 KB 95ms
84ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/addthis_widget.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "5834c-5dc0ea2e32000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96

GET
H/1.1 200
OK jquery.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 85 KB
30 KB 82ms
72ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/jquery.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "1538f-5dc0ea2e32000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 30307

GET
H/1.1 200
OK hogan-3.0.1.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 20 KB
6 KB 43ms
33ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/hogan-3.0.1.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

8852250970301a870d0a14722a7fda66b2a74bbb65bf2b7b3fe80dc8d8434ee6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "505b-5dc0ea2e32000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5615

GET
H/1.1 200
OK ba-hashchange.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 2 KB
1 KB 41ms
39ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ba-hashchange.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

506ff5c4d37c218c9e2581ae7e7bd9bb94e1fbb2a3d7b5584f332966fa003981

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "9f7-5dc0ea2e32000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1037

GET
H/1.1 200
OK autocomplete.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 16 KB
4 KB 32ms
32ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/autocomplete.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

2f6a2708bb08039d7670a428ddc421f27ed1d6e2fdca03c59001f56f4791e07a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "401f-5dc0ea2e32000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4138

GET
H/1.1 200
OK moveScripts.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 750 B
724 B 42ms
30ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/moveScripts.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

1777f023a61ea16a4888e9baa951d81736426c5b880fca946f9d37d0eb2cffae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "2ee-5dc0ea2e32000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 362

GET
H/1.1 200
OK slick.min.js.download Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 42 KB
11 KB 51ms
45ms Script
application/javascript 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/slick.min.js.download

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "a76f-5dc0ea2e32000-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 10442

GET
H/1.1 200
OK autocomplete.css+search.css.pagespeed.cc.X8nXFPfhMG.css
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 6 KB
2 KB 57ms
31ms Stylesheet
text/css 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/autocomplete.css+search.css.pagespeed.cc.X8nXFPfhMG.css

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

81b23c1894eb8d09145323224291e99d2b47fa313100577a67e36381420c123b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Dec 2022 10:07:42 GMT
Server: Apache
Etag: W/"0-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1988
Expires: Tue, 05 Dec 2023 10:07:42 GMT

GET
H/1.1 200
OK LjxuJWk Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 102 KB
102 KB 37ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/LjxuJWk

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

aff7ece6c26afdfff4d70ffad3a1917717ea3a65ec1fce2187c2fce4a63adb1b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:24 GMT
Server: Apache
ETag: "19615-5dc0ea2e32000"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 103957

GET
H/1.1 200
OK adsct Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ 31 B
301 B 44ms
43ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/adsct

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:26 GMT
Server: Apache
ETag: "1f-5dc0ea301a480"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 31

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 63ms
26ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97d876b0796d55e1a4d9dec67f958fd62674617e5417b92e4584c0397974e9d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 01:27:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 09 Dec 2022 01:27:18 GMT

GET
H/1.1 200
OK launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js Show response
assets.adobedtm.com/ 599 KB
141 KB 14ms
7ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/init.js.download.pagespeed.jm.Zhd7apswgv.js
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9277af94087ef40472663b98d04319aaa287ac8de958d0ca08c3f8250bc9ff7b

Request headers

Referer: http://212.104.43.201/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 16:57:52 GMT
Server: AkamaiNetStorage
ETag: "d28977f5e6c5f68ff5a15e94dec98bde:1669913872.423131"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://212.104.43.201
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 144170
Expires: Fri, 09 Dec 2022 01:27:18 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 854 B
1 KB 70ms
36ms XHR
application/json 34.243.172.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=CBBDCBC1557213FE7F000101%40AdobeOrg&d_nsid=0&ts=1670549238761
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: HTTP/1.1
Server: 34.243.172.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-172-78.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 227ad97799aa87ec211d4921b3aa5ba10ff5fbf55b11c8899ed9199df73eb2c1

Request headers

Referer: http://212.104.43.201/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v045-040129606.edge-irl1.demdex.com 2 ms
Pragma: no-cache
content-encoding: gzip
X-TID: 9QVD6RxrTHc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://212.104.43.201
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 480
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 33 KB
12 KB 33ms
7ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "41f1b46329a6056c0f2c993498eda989:1591133412.019903"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://212.104.43.201
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12161
expires: Fri, 09 Dec 2022 02:27:18 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 3 KB
2 KB 39ms
13ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "e9aa55ef8b40a205f86b54789b37de5c:1591133412.323749"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://212.104.43.201
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1607
expires: Fri, 09 Dec 2022 02:27:18 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 25 KB
9 KB 13ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "7324535d27629ca693bad7fd0da315ea:1591133412.560246"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://212.104.43.201
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8764
expires: Fri, 09 Dec 2022 02:27:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 87ms
32ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-983180037

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85e7bf7815dae442a384cfc0c20501c104a68dd07a413a6a0b6d743b4bc4d558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53021
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:18 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 36ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-hhn-etou8220046-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 214ms
27ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 01:27:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ocUg98AaO3JnNqIhj51/dpStTHsPn5I0FKeeN1BwvNI9V0nbQDhcZatqx87g28OpH+9D1gZfMeNLqIt2uWleRQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 25ms
9ms Script
application/x-javascript 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://img.en25.com/i/elqCfg.min.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:18 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Mon, 03 Oct 2022 17:55:36 GMT
ETag: "ff37a05751d7d81:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 09 Dec 2022 01:27:18 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 40ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=71360
accept-ranges: bytes
content-length: 4581

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 65ms
29ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-965699254

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96a433c2aa3c6e980ce6211c142389145af2ecbf228f1fadb6af038092c54bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66905
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:18 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-16829.us.tvsquared.com/ 20 KB
9 KB 257ms
120ms Script
application/javascript 3.22.179.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://collector-16829.us.tvsquared.com/tv2track.js
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: HTTP/1.1
Server: 3.22.179.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-22-179-81.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Aug 2022 11:01:47 GMT
Server: nginx
ETag: "6306051b-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Fri, 09 Dec 2022 01:37:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8694649

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a50ea54c2c57ac21455a3dc464f6772067b2c9740a2d1dddf1ff87fd67b668c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44105
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:18 GMT

GET
H/1.1

200
OK

js
pixel.mathtag.com/event/
Redirect Chain

http://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841
https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841

2 KB
2 KB

115ms
25ms

Image
text/javascript

2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: HTTP/1.1
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 180 1fd3e2d master cdg-pixel-x33 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:19 GMT
Server: MT3 180 1fd3e2d master cdg-pixel-x33 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2150
Expires: Fri, 09 Dec 2022 01:27:18 GMT

Redirect headers

Date: Fri, 09 Dec 2022 01:27:18 GMT
Server: MT3 180 1fd3e2d master cdg-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841
Content-Type: text/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Fri, 09 Dec 2022 01:27:17 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/983180037/ 42 B
108 B 149ms
30ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/983180037/?random=1649324829186&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=903781541&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/787644850/ 42 B
548 B 103ms
29ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/787644850/?random=1649324829343&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=118034570&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/725123364/ 42 B
64 B 61ms
27ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725123364/?random=1649324829346&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=245188036&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/847447334/ 42 B
64 B 62ms
28ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/847447334/?random=1649324829348&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=839160282&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/783154456/ 42 B
64 B 65ms
31ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/783154456/?random=1649324829350&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=2445085508&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/854346853/ 42 B
64 B 63ms
29ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854346853/?random=1649324829353&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=2417647197&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 63ms
30ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1649324829356&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1107698545&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 62ms
28ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1649324829357&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=738315034&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/936762750/ 42 B
64 B 64ms
30ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936762750/?random=1649324829360&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=2910383148&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/854356612/ 42 B
64 B 66ms
32ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854356612/?random=1649324829362&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3749793294&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/986790419/ 42 B
64 B 66ms
31ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986790419/?random=1649324829365&cv=9&fst=1649322000000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oa3u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&ref=https%3A%2F%2Fwww.google.com%2F&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3311198328&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 59ms
14ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://212.104.43.201
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 18:50:24 GMT
x-content-type-options: nosniff
age: 283014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 18:50:24 GMT

GET
H/1.1 503
Service Unavailable icomoon.woff
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts/resources/fonts/ 0
0 37ms
29ms Font
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts/resources/fonts/icomoon.woff

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache / PHP/5.4.32

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Origin: http://212.104.43.201
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Server: Apache
Connection: close
X-Powered-By: PHP/5.4.32
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/html

GET
H/1.1 200
OK dest5.html Show response
fast.fifththird.demdex.net/ Frame 6A91 7 KB
3 KB 42ms
8ms Document
text/html 2.21.20.135
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.fifththird.demdex.net/dest5.html?d_nsid=0
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: HTTP/1.1
Server: 2.21.20.135 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-135.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2785
Content-Type: text/html
Date: Fri, 09 Dec 2022 01:27:18 GMT
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Server: AkamaiNetStorage
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

http://cm.everesttech.net/cm/dd?d_uuid=62915897234397792091494096015931590193
https://cm.everesttech.net/cm/dd?d_uuid=62915897234397792091494096015931590193
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5KO9wAAAGPZLgOY
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5KO9wAAAGPZLgOY

42 B
942 B

34ms
33ms

Image
image/gif

54.75.234.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5KO9wAAAGPZLgOY

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

54.75.234.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-75-234-63.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hwg4V0aUTnI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v045-0168100b3.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: A0bx0MniTCI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y5KO9wAAAGPZLgOY
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 json Show response
fifththirdbank.tt.omtrdc.net/m2/fifththirdbank/mbox/ 96 B
536 B 67ms
38ms XHR
application/json 52.19.35.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://fifththirdbank.tt.omtrdc.net/m2/fifththirdbank/mbox/json?mbox=target-global-mbox&mboxSession=433758361e99471aa800a47265ba5bd0&mboxPC=&mboxPage=87d745158c7840dfa45a9202b8f001c8&mboxRid=10a5e23d73b4476bac450c970418dcf3&mboxVersion=1.7.0&mboxCount=1&mboxTime=1670549238779&mboxHost=212.104.43.201&mboxURL=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=0&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=Intel%20Iris%20OpenGL%20Engine&mboxMCSDID=0A17D7ED31A49392-0876A74B72910C86&mboxMCGVID=62954857751053644751491290817239947843&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCGLH=6
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: HTTP/1.1
Server: 52.19.35.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-35-175.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 330c2cabfd973da7640fcf8dc5683e377de758eb79f5bd75078dfae439cade2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:18 GMT
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: http://212.104.43.201
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 96
X-Request-ID: 10a5e23d73b4476bac450c970418dcf3

GET
H/1.1 503
Service Unavailable icomoon.ttf
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts/resources/fonts/ 0
0 50ms
41ms Font
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts/resources/fonts/icomoon.ttf

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache / PHP/5.4.32

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Origin: http://212.104.43.201
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Server: Apache
Connection: close
X-Powered-By: PHP/5.4.32
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 adsct
t.co/i/ 43 B
376 B 135ms
111ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=2003053c-36db-4468-8381-dedda1c58c3c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=22f62132-3e9e-4da6-9148-a46959a9acbd&tw_document_href=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny99k&type=javascript&version=2.3.29

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 09 Dec 2022 01:27:18 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 66c8b3c8a0d5af06
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 25cde6882846f10801aaf8b6babadcfa100740e3b2254d44c9156b5dc18619ee
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 158ms
116ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=2003053c-36db-4468-8381-dedda1c58c3c&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=22f62132-3e9e-4da6-9148-a46959a9acbd&tw_document_href=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny99k&type=javascript&version=2.3.29

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 09 Dec 2022 01:27:18 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e2686b7e685345ca
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5d796d60929fa042bc33a8473c34c78cf82cc9ee1cf17d1896836709c8257b1d
content-length: 43

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1227018/domain/212.104.43.201/ 36 B
375 B 16ms
16ms XHR
application/json 2600:9000:225e:7400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1227018/domain/212.104.43.201/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: http://212.104.43.201/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 09 Dec 2022 00:45:16 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 2523
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 0QTStEvpr4D7t-RBOpQifOFbvfKltiySfClSPI8YtypcgMHByV6PiA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1227018%26time%3D1670549238942%26url%3Dhttp%253A%252F%252F212.104.43.201%252Ferro...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&liSync=true&e_ipv6=AQL5SN0odak0PQAAAYT0fneJwlDJHZgWQ5mEj738KV...

0
264 B

231ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&liSync=true&e_ipv6=AQL5SN0odak0PQAAAYT0fneJwlDJHZgWQ5mEj738KV1pSgXrzud1vOsVi9ATb7aC7u7hm6iKm6gN
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F65223D9FF344BF69129845792F12C26 Ref B: FRAEDGE1920 Ref C: 2022-12-09T01:27:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvWw4Ga23p0pvvdLZgyA==

Redirect headers

date: Fri, 09 Dec 2022 01:27:19 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: EA0ED9718654436F92ADAAD6C48D9038 Ref B: FRAEDGE2014 Ref C: 2022-12-09T01:27:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1670549238942&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&liSync=true&e_ipv6=AQL5SN0odak0PQAAAYT0fneJwlDJHZgWQ5mEj738KV1pSgXrzud1vOsVi9ATb7aC7u7hm6iKm6gN
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvWw4Cz1W6W/lUkUZHiA==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/983180037/ 2 KB
1 KB 94ms
30ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983180037/?random=1670549238974&cv=11&fst=1670549238974&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&auid=814195572.1670549239&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceda07d1c1502ee0a510b17bf981c5d97e8500263faed52368db84a9563e791d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 36ms
32ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4cf8eaed47d204d05e98899511c66cf793b252fa48a65ad5da2d75216d09a378

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52913
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7ce6713079ead1665849c2c24d0e0c0f3eb03ce1ad9cc67f3cac847b731d75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52914
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 38ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

781eff0e54dfd45e5f3064e27f4ebab8c2b90a47398d1a96a699d74f946df957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52912
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 42ms
38ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a3633c1e73cd6dda2200977720408e093dd8e7db25deff2ac7bf18571760b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52914
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 46ms
43ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

832e79d4d0cd803927e8e5b29649f0fae8f54a482cdbeab7a0ea905f11b6c2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52912
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
66 KB 51ms
48ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

072bf39e5b3f7de08cecc401103d1556b7f431d0eef26ee276a2349028859653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66964
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 48ms
46ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a7d6f4a2ba1dc5dd0351066b35dda10f9fd9d10592de046263d66812dfba9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44118
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 47ms
45ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97a625a446bc1fda2e0dd47a3c34974b1d24b2e25114fa977f83d1e9818e20be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52914
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 56ms
54ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39ece78335423a1deabfd83edf8a0d0ec9e45ac03bbbb5d1d39a8edbe8c3e8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52912
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 179 KB
65 KB 63ms
61ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986790419&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ed687fe7a8afdeb8b7b38d9f7a32b3e1961aacf0d78c5700b808664bb06b20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66919
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 73ms
71ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8694649&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b5ccea4995418cdcc737c880f5d11b80fb49e5f67cf87b788509ec0b5ecd0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44120
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/1227018/domain/212.104.43.201/ Frame 0
0 98ms
9ms Preflight 2600:9000:225e:7400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1227018/domain/212.104.43.201/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:7400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://212.104.43.201
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 15723
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 08 Dec 2022 21:05:16 GMT
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-id: N4iY01DGplirthvPsjB8tR4S13fzoaj-36L9aabNzgx5hUhrygKnUQ==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
2 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1670549239014&cv=11&fst=1670549239014&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&auid=814195572.1670549239&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-965699254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37bf1c6df20450e80399c4b909738e8da268831981a819eb75922304e15ca047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
933 B 92ms
62ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1670549239022&cv=11&fst=1670549239022&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&auid=814195572.1670549239&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-965699254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddf82210964b032754465df985a020457a65d53d413605a57707602c6bde8fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 907
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
934 B 63ms
33ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1670549239032&cv=11&fst=1670549239032&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&auid=814195572.1670549239&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-965699254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1d0243164efe31f43fde433247b686d24389285ebdb9f1daa0b27e3c5b91109

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 908
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 47ms
15ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/addthis_widget.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=42939
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK s08985167542267 Show response
tms.53.com/b/ss/fifththirdbankdev/10/JS-2.20.0-LCXS/ 638 B
1 KB 81ms
41ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://tms.53.com/b/ss/fifththirdbankdev/10/JS-2.20.0-LCXS/s08985167542267?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=9%2F11%2F2022%201%3A27%3A19%205%200&d.&nsid=0&jsonv=1&.d&sdid=0A17D7ED31A49392-0876A74B72910C86&ts=2022-12-09T01%3A27%3A19.097Z&mid=62954857751053644751491290817239947843&aamlh=6&ce=UTF-8&pageName=fifth%20third%20bank%20%7C%20errors%20%7C%2053%20%7C%20ndex.php&g=212.104.43.201%2Ferrors%2F53%2Fndex.php&c.&getTimeParting=6.3&.c&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=fifth%20third%20bank%20%7C%20errors%20%7C%2053%20%7C%20ndex.php&v2=fifth%20third%20bank%20%7C%20errors%20%7C%2053%20%7C%20ndex.php&v22=year%3D2022%20%7C%20month%3DDecember%20%7C%20date%3D8%20%7C%20day%3DThursday%20%7C%20time%3D8%3A27%20PM&v27=2022-12-08T21%3A27%3A19.097&c40=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&v40=212.104.43.201%2Ferrors%2F53%2Fndex.php&c64=1&v64=New&c65=0.9&c66=First%20Visit&c67=%7Cundefined%7Cundefined&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=CBBDCBC1557213FE7F000101%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js

Protocol

HTTP/1.1

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

8c0596a13aebce5959eb86b8d291fe107960f117c3d656584edb919d9284facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-aam-tid: alyOW0K6SJ4=
date: Fri, 09 Dec 2022 01:27:19 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 638
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v045-078626053.edge-irl1.demdex.com 3 ms
pragma: no-cache
last-modified: Sat, 10 Dec 2022 01:27:19 GMT
server: jag
etag: 3587477175952965632-4619842573126390775
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 08 Dec 2022 01:27:19 GMT

GET
H/1.1 200
OK sh.f48a1a04fe8dbf021b4cda1d.html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame 29AC 74 KB
27 KB 70ms
62ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

5645f9295f6b2452877f04233cb37f40923fc98a9728315cbc08c23b98abb638

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/ndex.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 26907
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:19 GMT
Keep-Alive: timeout=5, max=94
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H/1.1 200
OK widget_iframe.67506ef287a81e691ccccf99870d175e.html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame 5389 323 KB
105 KB 309ms
291ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/widget_iframe.67506ef287a81e691ccccf99870d175e.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

40d571eba87bea119bbb2b9e872b6532a74612bd9797b223f9417a9617503a7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/ndex.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:19 GMT
Keep-Alive: timeout=5, max=92
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H/1.1

200
OK

svrGP
eloqua.53.com/visitor/v200/
Redirect Chain

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=939&optin=disabled&firstPartyCookieDomain=eloqua.53.com
http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=C0D59C02863D43FDBA15B3FE5CC6F444

49 B
495 B

246ms
184ms

Image
image/gif

142.0.165.165
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=C0D59C02863D43FDBA15B3FE5CC6F444

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

142.0.165.165 Ashburn, United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:18 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:18 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=C0D59C02863D43FDBA15B3FE5CC6F444
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 289
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

svrGP
contactforms.53.com/visitor/v200/
Redirect Chain

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&firstPartyCookieDomain=contactforms.53.com
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&firstPartyCookieDomain=contactforms.53.com
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=4BA3838308CD46899D2CFD5BB4CB45EF

49 B
495 B

277ms
277ms

Image
image/gif

142.0.173.20
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=4BA3838308CD46899D2CFD5BB4CB45EF

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

142.0.173.20 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:19 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:19 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=939&optin=disabled&elq1pcGUID=4BA3838308CD46899D2CFD5BB4CB45EF
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 290
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK saved_resource.html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame ECD7 4 KB
2 KB 66ms
39ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

a6a94ff52ce03a27cc3ba4e86c6ea96e2279e20803643127b6c2a4e400a2e122

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/ndex.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1727
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:19 GMT
Keep-Alive: timeout=5, max=93
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H/1.1 200
OK pixel.html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame 255A 3 KB
2 KB 66ms
34ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/pixel.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

d5605feb6bbe60777088527f4c182a92d6028125511467896a9f21a0edfcd47c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/ndex.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1688
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:19 GMT
Keep-Alive: timeout=5, max=88
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H/1.1 200
OK saved_resource(1).html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 13 KB
3 KB 127ms
88ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

487480073099084d0e7bbaa19982421cbd10d33f8f587c669de7d003284316f1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/ndex.php
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3101
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:19 GMT
Keep-Alive: timeout=5, max=99
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H2 200 RC610020f9feb9444981811dd2ff136847-source.min.js Show response
assets.adobedtm.com/cadf1530cead/3d6f9db110e0/09f834acb065/ 943 B
800 B 9ms
8ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cadf1530cead/3d6f9db110e0/09f834acb065/RC610020f9feb9444981811dd2ff136847-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 84b33fea44fd00dbc935defe517aa650933ffb800848947c5bcd66a147d71ecb

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 16:57:53 GMT
server: AkamaiNetStorage
etag: "2ff953efc7c106bba0d9f38b2e8dd1bb:1669913873.236247"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://212.104.43.201
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 536
expires: Fri, 09 Dec 2022 02:27:19 GMT

GET
H2 200 RC2fbb197127024365b804821684503738-source.min.js Show response
assets.adobedtm.com/cadf1530cead/3d6f9db110e0/09f834acb065/ 941 B
795 B 10ms
9ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cadf1530cead/3d6f9db110e0/09f834acb065/RC2fbb197127024365b804821684503738-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 90bbc803bbd403720482cd55e84209ecf9c216ff3d8197983f4367ef9b293c2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 16:57:53 GMT
server: AkamaiNetStorage
etag: "2ff953efc7c106bba0d9f38b2e8dd1bb:1669913873.236247"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://212.104.43.201
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 531
expires: Fri, 09 Dec 2022 02:27:19 GMT

GET
H2 200 RCaac05d6061834e998c7762867e58c1f4-source.min.js Show response
assets.adobedtm.com/cadf1530cead/3d6f9db110e0/09f834acb065/ 1 KB
832 B 9ms
9ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cadf1530cead/3d6f9db110e0/09f834acb065/RCaac05d6061834e998c7762867e58c1f4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 20588da5c0e09841cba8ee3267a897af1a5c6bd359f12ac48a83a8f2c0dda522

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 16:57:53 GMT
server: AkamaiNetStorage
etag: "2ff953efc7c106bba0d9f38b2e8dd1bb:1669913873.236247"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://212.104.43.201
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 568
expires: Fri, 09 Dec 2022 02:27:19 GMT

GET
H/1.1 200
OK widget_iframe.67506ef287a81e691ccccf99870d175e.html Show response
platform.twitter.com/widgets/ Frame 98C5 319 KB
104 KB 78ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.67506ef287a81e691ccccf99870d175e.html?origin=http%3A%2F%2F212.104.43.201
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/widgets.js.download.pagespeed.jm.cKojR_ETqK.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 88075
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Fri, 09 Dec 2022 01:27:19 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 06 Apr 2022 16:28:34 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6762)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 208ms
184ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63928ef71dd8779d&bkl=0&bl=1&sid=63928ef71dd8779d&pub=&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.53.com&fp=content%2Ffifth-third%2Fen%2Flogin.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1670549239163&jsl=8193&uvs=63928ef7af1efe55000&skipb=1&callback=addthis.cbs.jsonp__90377891930673670
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/addthis_widget.js.download
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 05048494de1ac89e9338e1bef95be549b61cebb3efd3f70d557d1a83bb849381

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 48C1 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 5C3D 71 KB
26 KB 89ms
16ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/addthis_widget.js.download

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Fri, 09 Dec 2022 01:27:19 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 10ms
9ms Script
application/x-javascript 96.16.149.96
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://img.en25.com/i/elqCfg.min.js

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

96.16.149.96 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-149-96.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Mon, 03 Oct 2022 17:55:36 GMT
ETag: "ff37a05751d7d81:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 09 Dec 2022 01:27:19 GMT

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-983180037&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-983180037&l=dataLayer&cx=c

135 KB
52 KB

39ms
39ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-983180037&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9c34517ae4e71e71bdd03a2934c550844b99a2e917161537afe47cf79a29673

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53040
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-983180037&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

135 KB
52 KB

31ms
30ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2c1d4a972572426a77461e0ae31ac44b4c1a0fbac553602daef482b1a8fb866

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53000
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

135 KB
52 KB

53ms
52ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7ce6713079ead1665849c2c24d0e0c0f3eb03ce1ad9cc67f3cac847b731d75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52914
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c

135 KB
52 KB

43ms
43ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

781eff0e54dfd45e5f3064e27f4ebab8c2b90a47398d1a96a699d74f946df957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52912
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c

135 KB
52 KB

33ms
30ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af0308cadb4a248f1d7e7688dc902a2d2e070c008511c5ccf0412202ab8cb446

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52914
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c

135 KB
52 KB

26ms
25ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

832e79d4d0cd803927e8e5b29649f0fae8f54a482cdbeab7a0ea905f11b6c2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52912
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c

179 KB
65 KB

35ms
33ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

162387d10924383bac354e2efc38edc1bf2e64e03958f6947981548632e3171c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66909
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c

111 KB
43 KB

40ms
37ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91fd5059f0aaab89d732115247b30dafe6a1a14a6e8207b81814f127c057fb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44119
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c

135 KB
52 KB

36ms
34ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fba9ad5efe96a74d7d1fe24228e8d71baf519437948fdde7d5c9aef6e94fa138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52912
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c

135 KB
52 KB

35ms
35ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39ece78335423a1deabfd83edf8a0d0ec9e45ac03bbbb5d1d39a8edbe8c3e8a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52912
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-8694649&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=DC-8694649&l=dataLayer&cx=c

111 KB
43 KB

39ms
39ms

Script
application/javascript

2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8694649&l=dataLayer&cx=c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f88ff0374b93768125eb1d74e8912962371ccbe37e5deb2a2614141a6034d3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44120
x-xss-protection: 0
last-modified: Fri, 09 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 09 Dec 2022 01:27:19 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-8694649&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 50ms
23ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.89

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 01:27:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5Qvi/ivA+iUL9Kd6eBfl++d4K/JFXNUU6qzb26ha/Y/P2nRzdivJutPXnk3/WJQwb2JWM0yx3VxMX9LOcW8pGA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1221502774554360 Show response
connect.facebook.net/signals/config/ 25 KB
7 KB 50ms
24ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1221502774554360?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea1b671766cc4fe0dd9d94393566ca34f9a39af6a23dc4372de7046a2c809028

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 09 Dec 2022 01:27:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7023
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: THOufj6ROrVnBQomksKNPE4HIAKTXhCZoB57ej8b//qE/f8plxEWq3F/Ul2iIMEfF8s6qvewqstxzpn+fhhfPg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tv2track.php
collector-16829.us.tvsquared.com/ 42 B
276 B 120ms
119ms Image
image/gif 3.22.179.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://collector-16829.us.tvsquared.com/tv2track.php?action_name=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&idsite=TV-8136187209-1&rec=1&r=853058&h=1&m=27&s=19&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&_id=8425b281f4a9a9a4&_idts=1670549239&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=320
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: HTTP/1.1
Server: 3.22.179.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-22-179-81.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Fri, 09 Dec 2022 01:27:19 GMT
Server: nginx
Connection: keep-alive
Request-Id: 725dc733-64dc-425b-b921-27e85f70dea4
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK tv2track.php
collector-16829.us.tvsquared.com/ 42 B
276 B 225ms
110ms Image
image/gif 3.22.179.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://collector-16829.us.tvsquared.com/tv2track.php?action_name=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&idsite=TV-8136187209-1&rec=1&r=677198&h=1&m=27&s=19&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&_id=8425b281f4a9a9a4&_idts=1670549239&_idvc=0&_idn=0&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=320
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: HTTP/1.1
Server: 3.22.179.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-22-179-81.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Fri, 09 Dec 2022 01:27:19 GMT
Server: nginx
Connection: keep-alive
Request-Id: 8bc9b798-c0ac-4a00-b1aa-6ec0c53f6bd1
Content-Length: 42
Content-Type: image/gif

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/725123364/ 2 KB
932 B 42ms
31ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725123364/?random=1670549239302&cv=11&fst=1670549239302&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&auid=814195572.1670549239&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad601b6178044b2354c2cee0b6a560199a53b17d16ec2110e7a5f342b0cddac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 906
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 98C5 980 B
707 B 139ms
111ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e7d7c1b5d86b2feb0424695253a3303d139ecc3e

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.67506ef287a81e691ccccf99870d175e.html?origin=http%3A%2F%2F212.104.43.201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

0809dce74d140cdb75918db36517dfca9fee927aa704fd47ee48432aee8986b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 09 Dec 2022 01:27:19 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 09 Dec 2022 01:27:19 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: e506a21d3afaaa1c
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 5c5731f69ef92c9958b63f8e60e94fc18ef43b81d3bef6632afc928fe2d6591c
content-length: 386

GET
H/1.1 200
OK o9NOyY7aosh5TcoR Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 38ms
38ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/o9NOyY7aosh5TcoR

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:28 GMT
Server: Apache
ETag: "0-5dc0ea3202900"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 0

GET
H/1.1 200
OK xNbpPHv8SmTRvG5J Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 33ms
33ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/xNbpPHv8SmTRvG5J

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:28 GMT
Server: Apache
ETag: "0-5dc0ea3202900"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 0

GET
H/1.1 200
OK xNbpPHv8SmTRvG5J(1) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 54ms
36ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/xNbpPHv8SmTRvG5J(1)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:30 GMT
Server: Apache
ETag: "0-5dc0ea33ead80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 200
OK EPgQynwBegfIBy_-
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 81 B
351 B 31ms
31ms Image
image/png 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/EPgQynwBegfIBy_-

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:30 GMT
Server: Apache
ETag: "51-5dc0ea33ead80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 81

GET
H/1.1 200
OK xNbpPHv8SmTRvG5J(2) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 37ms
36ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/xNbpPHv8SmTRvG5J(2)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:30 GMT
Server: Apache
ETag: "0-5dc0ea33ead80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0 Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 38ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:30 GMT
Server: Apache
ETag: "0-5dc0ea33ead80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 0

GET
H/1.1 200
OK yg5P_pCXbjUGCwXB
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 30ms
30ms Image
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/yg5P_pCXbjUGCwXB

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:32 GMT
Server: Apache
ETag: "0-5dc0ea35d3200"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 0

GET
H/1.1 200
OK xNbpPHv8SmTRvG5J(3) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 32ms
29ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/xNbpPHv8SmTRvG5J(3)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:32 GMT
Server: Apache
ETag: "0-5dc0ea35d3200"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(1) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 37ms
33ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(1)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:34 GMT
Server: Apache
ETag: "0-5dc0ea37bb680"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(2) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
269 B 33ms
29ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(2)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:34 GMT
Server: Apache
ETag: "0-5dc0ea37bb680"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 0

GET
H/1.1 200
OK xNbpPHv8SmTRvG5J(4) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 46ms
36ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/xNbpPHv8SmTRvG5J(4)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:34 GMT
Server: Apache
ETag: "0-5dc0ea37bb680"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(3) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 42ms
37ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(3)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:34 GMT
Server: Apache
ETag: "0-5dc0ea37bb680"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(4) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 49ms
28ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(4)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:34 GMT
Server: Apache
ETag: "0-5dc0ea37bb680"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(5) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 30ms
28ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(5)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:34 GMT
Server: Apache
ETag: "0-5dc0ea37bb680"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(6) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 38ms
36ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(6)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:36 GMT
Server: Apache
ETag: "0-5dc0ea39a3b00"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(7) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 33ms
33ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(7)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:36 GMT
Server: Apache
ETag: "0-5dc0ea39a3b00"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 0

GET
H/1.1 200
OK olestAFsBfoiNHe0(8) Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 0
268 B 41ms
41ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/olestAFsBfoiNHe0(8)

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:36 GMT
Server: Apache
ETag: "0-5dc0ea39a3b00"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK Ms_IxTh1HT79OiUt
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 81 B
351 B 34ms
33ms Image
image/png 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/Ms_IxTh1HT79OiUt

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:36 GMT
Server: Apache
ETag: "51-5dc0ea39a3b00"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 81

GET
H/1.1 200
OK tH134LAG-uBqJSpk Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame F506 545 KB
546 KB 38ms
38ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

690dd115409577130c133cdde79ba47327929e866c61f3f7f54d5d91340ae239

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:19 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:38 GMT
Server: Apache
ETag: "88527-5dc0ea3b8bf80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 558375

GET
H/1.1 200
OK svrGP
eloqua.53.com/visitor/v200/ 49 B
375 B 151ms
116ms Image
image/gif 142.0.165.165
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=287&optin=disabled&firstPartyCookieDomain=eloqua.53.com

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

142.0.165.165 Ashburn, United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:18 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

svrGP
contactforms.53.com/visitor/v200/
Redirect Chain

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=287&optin=disabled&firstPartyCookieDomain=contactforms.53.com
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=287&optin=disabled&firstPartyCookieDomain=contactforms.53.com

49 B
375 B

443ms
140ms

Image
image/gif

142.0.173.20
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=287&optin=disabled&firstPartyCookieDomain=contactforms.53.com

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

142.0.173.20 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:19 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:18 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=287&optin=disabled&firstPartyCookieDomain=contactforms.53.com
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 289
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1670549239014&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2501126286&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
548 B 66ms
28ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1670549239014&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2501126286&rmt_tld=1&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/983180037/ 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/983180037/?random=1670549238974&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2689639834&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/983180037/ 42 B
108 B 64ms
29ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/983180037/?random=1670549238974&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2689639834&rmt_tld=1&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 87ms
24ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1221502774554360&ev=PageView&dl=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&rl=&if=false&ts=1670549239423&sw=1600&sh=1200&v=2.9.89&r=stable&a=adobe_launch&ec=0&o=28&fbp=fb.3.1670549239422.973970007&it=1670549239237&coo=false&rqm=GET

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 09 Dec 2022 01:27:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
216 B 118ms
117ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8e8212c4-86d6-49a8-b342-ad70034178f0&tw_document_href=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/uwt.js.download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 110
date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
server: tsa_o
content-type: application/javascript;charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-transaction-id: a6d164e27b245b70
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 5d796d60929fa042bc33a8473c34c78cf82cc9ee1cf17d1896836709c8257b1d
content-length: 57

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8e8...
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8e...

43 B
117 B

114ms
114ms

Image
image/gif

104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8e8212c4-86d6-49a8-b342-ad70034178f0&tw_document_href=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 09 Dec 2022 01:27:19 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 3ecd4581839686ba
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 25cde6882846f10801aaf8b6babadcfa100740e3b2254d44c9156b5dc18619ee
content-length: 43

Redirect headers

x-response-time: 100
date: Fri, 09 Dec 2022 01:27:19 GMT
server: tsa_o
location: https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=8e8212c4-86d6-49a8-b342-ad70034178f0&tw_document_href=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php
x-transaction-id: 2b0f9eb01e51747d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e8063dd1689db7780e15766cc28f5961988d62d2880de0cfc9ef3c71b538966b
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/725123364/ 42 B
64 B 30ms
27ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725123364/?random=1670549239302&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1815357118&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/725123364/ 42 B
64 B 85ms
29ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725123364/?random=1670549239302&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1815357118&rmt_tld=1&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1670549239032&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4237003534&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
64 B 85ms
28ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1670549239032&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4237003534&rmt_tld=1&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 26ms
26ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1670549239022&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807285094&rmt_tld=0&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
64 B 84ms
28ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1670549239022&cv=11&fst=1670547600000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2807285094&rmt_tld=1&ipr=y

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 09 Dec 2022 01:27:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 5389 980 B
482 B 121ms
121ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=8148625648265b36e20a5d6dacedd0e445976362

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/widget_iframe.67506ef287a81e691ccccf99870d175e.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

0809dce74d140cdb75918db36517dfca9fee927aa704fd47ee48432aee8986b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-response-time: 114
date: Fri, 09 Dec 2022 01:27:18 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Fri, 09 Dec 2022 01:27:19 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://212.104.43.201
x-transaction-id: feb11d9dcf84a922
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 5c5731f69ef92c9958b63f8e60e94fc18ef43b81d3bef6632afc928fe2d6591c
content-length: 386

GET
H/1.1 200
OK 75tAXtuMB4HAunua
event.evtm.53.com/ Frame F506 81 B
475 B 80ms
13ms Image
image/png 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://event.evtm.53.com/75tAXtuMB4HAunua?ac278d354470f535=d7BxjBweLutHM6Ai6CQ13iCysX4fisERrGBVfASK0ghsNV6SEjkbrOhZ2ViSvMN03_IkC-j7DT4Hr_vFFRa7rsUGW9MfXq0iY_lHrLKfG7JZWjsyekXPLTi6_fIaQTmDnuHsvsyH1BrZ8LuMy_wRDv-mu5Lv_8lP9Ia5heA

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK CuIQ82MsLMls0QO3.html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame 4E70 88 KB
14 KB 107ms
106ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/CuIQ82MsLMls0QO3.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

3d237ef8410c73843de64d35849664c4320b6f4873e999d64efacbde9c1176db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 14337
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:20 GMT
Keep-Alive: timeout=5, max=86
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H/1.1 200
OK nxvG008dYMqvZr9C.html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame B785 101 KB
16 KB 109ms
108ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/nxvG008dYMqvZr9C.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

0adbcd435002ea814bf249d77a8d5b66ec0c51c4bd77d759e1b3b1afffd866c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 16485
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:20 GMT
Keep-Alive: timeout=5, max=86
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H/1.1 200
OK OMZ03uFcGWdgppHM.html Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame 3BA6 88 KB
14 KB 101ms
100ms Document
text/html 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/OMZ03uFcGWdgppHM.html

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

c5ab5027d19b6aa32e83657688dc6cdb8c59ac8365a0b530201980a81f2bcb4c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=0, no-cache
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 14197
Content-Type: text/html; charset=UTF-8
Date: Fri, 09 Dec 2022 01:04:20 GMT
Keep-Alive: timeout=5, max=93
Server: Apache
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
X-Mod-Pagespeed: 1.7.30.4-

GET
H/1.1 200
OK qbWdy3eEz8qLrmnF Show response
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame 4E70 0
268 B 34ms
34ms Script
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/qbWdy3eEz8qLrmnF

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/CuIQ82MsLMls0QO3.html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/CuIQ82MsLMls0QO3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:20 GMT
Last-Modified: Thu, 07 Apr 2022 11:18:38 GMT
Server: Apache
ETag: "0-5dc0ea3b8bf80"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 200
OK dxcW_1ImjThIxrJx
212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/ Frame B785 0
268 B 38ms
38ms Image
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/dxcW_1ImjThIxrJx

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/nxvG008dYMqvZr9C.html

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/nxvG008dYMqvZr9C.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:04:20 GMT
Last-Modified: Thu, 07 Apr 2022 11:17:44 GMT
Server: Apache
ETag: "0-5dc0ea080c600"
X-Frame-Options: SAMEORIGIN
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Content-Length: 0

GET
H/1.1 204
No Content qbWdy3eEz8qLrmnF Show response
event.evtm.53.com/ Frame 4E70 0
387 B 14ms
13ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/qbWdy3eEz8qLrmnF?b471dda9eec96877=JkRJ8vRoAqVL_ikhwS7e3VGJz36TYII9ENLHudx0ga_s_vabMyOvarUybA413hOn8mmMN2EtsfpPt-svaFkrmNw7IQNcQYDD7qoSjP_Uha12i-0MfJ5P-u9UdN-OL5vYMkCF_Mw-yO513g0zRWof_tGtxKo&jf=3136266c71603f6730323464346a363032603e3639373530363a66643532313a3a3b333a356231

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/CuIQ82MsLMls0QO3.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
event.evtm.53.com/fp/ Frame F506 81 B
529 B 42ms
13ms XHR
image/png 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 3z5dc3wi/18db20730453836cf5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc
Referer: http://212.104.43.201/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 09 Dec 2022 01:27:20 GMT
Server: Apache
Etag: 55b2bbd5d4c04245b69b043d1e4a2ec5
Content-Type: image/png
Access-Control-Allow-Origin: http://212.104.43.201
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 08 Dec 2027 01:27:20 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame F506
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&k=2

0
387 B

15ms
15ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&k=2

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1 Show response
event.evtm.53.com/fp/ Frame 6914 91 KB
14 KB 30ms
16ms Document
text/html 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b390e9c2957d47298b18739d70c5f8741a17a925ba24515a7d6672383cc30226

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 09 Dec 2022 01:27:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame F506 0
387 B 14ms
13ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&jb=3136266c71633f6730323464346a363032603e3639373530363a66643532313a3a3b333a356231

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1 Show response
h.online-metrix.net/fp/ Frame C3F0 104 KB
16 KB 53ms
18ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

31b4b8bdf0c483854a114ade088678d6489e5c4d6d09598f3b359cdf97da9653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 09 Dec 2022 01:27:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame F506 0
387 B 14ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&jd=3735262668646c3f3b2468646835393b34333f3366606631373b3567333437606335373660623339606136306b3a2468667c6e3f32383f333a31

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1 Show response
event.evtm.53.com/fp/ Frame 076A 90 KB
14 KB 22ms
22ms Document
text/html 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/top_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1798dde5591fd56e1699d37e242fea444e843f59fc650b12607db4286d0767fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 09 Dec 2022 01:27:20 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
event.evtm.53.com/fp/ Frame F506 0
219 B 20ms
20ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&ja=333839362424613f3824783f302e663f3334383278333238302e63643d333632327a3330323026737a7b3f3270322466707a3d332e333e32302e313a30382e333632302e333032322e313630322e333038322e333638302e333038322c322c382665763f613a38306360616661373764666466643167633a3439313635323e603963376926656c3f34247361663f3036246c683d6a7676722d314327324e2530443039302e33303c2e3c312c3232312730446770706f7273273044373b273044466166766a273a3732325460697a66273237323240636c696b6e672530373032446d656b6e2d3237303257273237323846616476682732373032566a6b726425303730324a636c695f6e696e67712d304671617e656c5d7065716f777061672a33292e68766f6e246c703f6a747c702731432d304627324e3239302c3132342c36312c30323125324467707067707127324e353127304e6c6467782670607224706e3d3124726a3f353866323a6363346a6164606539313160353b3a37636538643b606662306436246a6a3f33376233336735636e343366316e656737673166653b343c61383535383238672468716d3f57696e666d75712d303233302e6a71603f4b6a726d6d6d253a3233303a2668716d773f55696e646d757124627160773d4b68706d6f6d246e6a6335342e7678643f457661273044576e6b6e6d756c246563766a7235343232316c336330626d63383067366163373432323a3061643137373632396466363530383336336c346563613a346c613b3463666066353031333331393463247235726e7767616e5d646e6971685c66696c7b6723706e75656b6c5d756b6e646f75715d6f6d666b635f786c637b677a5c66636c7b6529726e7565696c5d63666d60655f6161706d6069765c646164736723726477676b6e57717d6b616b76696f675c64636e736521726e7765616c5d716867636975637e675e646164736d23726c77676b6c5d7067636c706c637b67705664636e736d21726e776f6b6e5d76646357726e617b65705c64636e716521706e77656b665d666776696c74705c6e636c71652970647765696c5f7174655d746b657765705c646364716723706475656b6c57686174615666696e716524676e5d613f756762676c5567604544273032312630273032204d70676e4f4c2d30324551253032302c32273230436a706d6f61776f2b576d62454e273a32474e5344253a324753273232332c32273030284f72676c4544273032455b2530324544514c273238455b273030332e32273032416a726f6d6b776f2b5f676049697c5767604961762530305f656a454e414c474e475d6b6c7174616e6167665d69707063797b253140273a32455a54576264676c645d6d6b6c6f637a273342253032475a5c5d616d6c67725d60776e6465705f606164645d666e6f6376273140273230455a565d64646d63765f6a6c676c662d31422732384550565d667061655d66677276682533402730324d5a565d7360616667705776657a747d726d5d6e6f662531402730324758545f76677a767d70675d63676d7270677b71696d6e5762787661253142273032475a565f74657a7677706d5d616d6d7872677171616d6e5d726f746b273142273232475a565d766578747770675d6e6b6e76657a5f636c6b7b6d74706f78696b273142273232475a565d71524742273140273a324d475357656e676f6d6c745d6966646d7a5d756b6e762731402730304f45515d6460675d70676e6c65705d6f61726d63702d334a2730304d45515d7176636c646172665d66677a6b74637461766771273b4025303047455b5d76657a747770675d646e6f6174273140273a324d47535774677a767d70655d66646f69765d6c6b6e6763702731402532304d47515d7c677a76757a655d6a6364645f646c67617c2731422732324d47515d766578747770675d60636e645f6e6c6d6376576e696c6569722d31402530304d47515d74677274657a5d63707a637b5d6f6a6a6761762d3142273238574d40454c5d636d6e6d705d6075666667705d64646d6376253b422730325f4742454c5763676f727267737167665d766778747570675d637b766127334a253032554d40474e5f6b6f65727065717367665d76677a747572675d67766b273140253a305547404f4e5f616f65707a67717367645d76677a767772655f677661332d314027323857474045445d636d6d78726d717165665f76677a767770655f73317661273b402730305f4540454e57616f6f707a657b7167645d74677a767770675f733376615d717a656027334a253032554d40474e5f6c656a77655f70656c66677067705f696e646d27314a273032574d42454e5d6c6770766857746d7a76757065273140273032574542454e5d667a63755d627d666467707b273340253a305f4740474e5f6e6d71675d616f6e74677a76273b402730305f4540454e576f756e74615f6c706377333624656e5d6a3f336666376664643c353632646c633632356d3432606538653f36663237353634333236663432353b24756564743f4b6e7c656e2730384b6e612e2e776f6e703d4b6e76676e273032497269712730324772676c4744253032476665696c652e636b663f31&jb=333534266e733f4f67786b6e6c692530443726322530302057616c666f75732730324c5627323031322c32273b402730305f696c34362d3142273238783e362b2530304372726e675565624b6b7627304e3731352e3b36273032204948564d44253a412732326c6b6967273032476563696d2b273a32416a72676d6727304e33303a2e382e3d3137392c393a27303251636661726b2730443d31352c333e

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma18db20730453836csac.d.aa.online-metrix.net/fp/ Frame F506 81 B
438 B 762ms
148ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma18db20730453836csac.d.aa.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&di=yes

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK ade84621-61a0-4015-8cfd-124e4629fadb
http://212.104.43.201/ Frame F506 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/ade84621-61a0-4015-8cfd-124e4629fadb
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
BLOB 200
OK af1b5b4f-5a26-49e1-9120-61d413015d00
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/af1b5b4f-5a26-49e1-9120-61d413015d00
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 3c07f2f8-b9a1-43ee-ba94-a8b5bc42d0e6
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/3c07f2f8-b9a1-43ee-ba94-a8b5bc42d0e6
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK f4c39129-aecb-4976-a0ab-2ed7b1150ef3
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/f4c39129-aecb-4976-a0ab-2ed7b1150ef3
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 8d954b73-db0e-449a-90b7-f375c9d902fb
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/8d954b73-db0e-449a-90b7-f375c9d902fb
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 9099ed8f-4eb4-424a-a1bb-9f9fe23f8bd7
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/9099ed8f-4eb4-424a-a1bb-9f9fe23f8bd7
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 239b53d4-17a4-4f88-aaa3-7b9b01254c12
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/239b53d4-17a4-4f88-aaa3-7b9b01254c12
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 03ce54d7-9f05-4f67-9e63-8762a193abbf
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/03ce54d7-9f05-4f67-9e63-8762a193abbf
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 3e668dd0-81b4-4eea-9876-38f16f52e377
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/3e668dd0-81b4-4eea-9876-38f16f52e377
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK c5399029-555c-4ed2-b328-2b28c08b457e
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/c5399029-555c-4ed2-b328-2b28c08b457e
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK ab5f5aab-9584-4523-a29d-6d2e12a8aacc
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/ab5f5aab-9584-4523-a29d-6d2e12a8aacc
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 00966a95-7835-4735-a11e-1a901e1fb0cc
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/00966a95-7835-4735-a11e-1a901e1fb0cc
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK e0e86293-e062-49a2-9624-03031ec7ab5a
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/e0e86293-e062-49a2-9624-03031ec7ab5a
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 549553af-f61b-41e4-9b84-e0a2c9b0644e
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/549553af-f61b-41e4-9b84-e0a2c9b0644e
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK c8047d43-65c6-4d84-8d0a-adaf9116b567
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/c8047d43-65c6-4d84-8d0a-adaf9116b567
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 4dbbf50b-bd58-4e54-b168-027313d6e9c1
http://212.104.43.201/ Frame F506 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/4dbbf50b-bd58-4e54-b168-027313d6e9c1
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1747
Content-Type: application/javascript

GET
BLOB 200
OK 95c70c3c-ece5-4247-a41f-d46f81d977e1
http://212.104.43.201/ Frame F506 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/95c70c3c-ece5-4247-a41f-d46f81d977e1
Requested by: Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f64bee826bccb356e29b877ba33ae25dbc3cba68d7182aad644ba3e2228524cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/saved_resource(1).html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1357
Content-Type: application/javascript

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame 6914 0
387 B 14ms
13ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&jf=3136266c71603f363a306731393f3963333169363260656a613d376635306166633a3431313162

Requested by

Host: event.evtm.53.com
URL: https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame F506 0
387 B 14ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&jac=1&je=333338262475676b3531352c35302e373a2c3a37302470653d666d246177646a3f6163356039653667343a336b616361366e32633561393b323b333e333c346035613333353b34603664386466363a343832313a666d346432316e61643a343d392e677a333f66336767373b61616637373336353f343766323c393134353d303467393a666e6160383331316363

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 2tS86Iyzecp6FtLb Show response
event.evtm.53.com/ Frame F964 583 KB
107 KB 25ms
24ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/2tS86Iyzecp6FtLb?7189fed76399583c=Aw4d40FD5MX8BPg4DQFC8X8FjnmMjht44SzG_EUcltN96EVW8RLYYd1tdSYI-da-XJakfZF_ijwM4km0EDvCAuvoreHGvE5oSTa2YA-7gCuSI-Jo_PlNcsh4Ta7T8DF_YcBQGCXjaTXAER8W2n0-i0mRpblX62Kg2SlfljhwQV5nWw0KZSl4YFTG7SJgSf_B8MhYG-e76YnmuTXC&jb=3739262668716d7735556b6c6467777124687b6d3d55696664677571253030333224687160753d436a706d6f6d2468716235436a706d6567253030393030

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/88qs0x8k4m6iu615.js.download

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4664529ddcf1d1657edacf7bb180178b20fd10d97adca4860634af855da4b0c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: 6955b138f199c193
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Keep-Alive: timeout=2, max=92
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 05a5JRbCMeYO8m3d
event.evtm.53.com/ Frame F964 81 B
474 B 14ms
13ms Image
image/png 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://event.evtm.53.com/05a5JRbCMeYO8m3d?d19fd8759afd0f8f=4K9NHNBDS14CQn2FoPphGpQ0cR-C0YLzeMGMqOP7G8p8GllG2Gywwb18ZIVfCLKmqKB3nQAo-_EI-pQXOqP_Dayx8vSO4isGGh95-YdX6RHFZAkXozDmctK0EHannsroHJz19yK1God1BciUrry31PDzWkY91CT98Rzckc0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK prCZxUhkbJPccex1
event.evtm.53.com/ Frame F964 81 B
474 B 28ms
13ms Image
image/png 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://event.evtm.53.com/prCZxUhkbJPccex1?e3ed7f74105634ae=9MIqwcyVr2k1IyNw2uFHt3xoO70YLWOBojbSfGbJ4gWTVOU88TVR8mgNg-4I_yR1uIcnzFYCehIYYxGNmNwmO_Bi1uxRCX953EVaURH0EFSz2RxM25qQGtUQnyrprcMEjPK2tsSsStsIkDiF4y1Uya5lpr_vt_5z2cxR6bg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content mod_pagespeed_beacon Show response
212.104.43.201/ 0
219 B 40ms
39ms XHR
text/plain 212.104.43.201
INIT-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://212.104.43.201/mod_pagespeed_beacon?url=http%3A%2F%2F212.104.43.201%2Ferrors%2F53%2Fndex.php

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/ndex.php

Protocol

HTTP/1.1

Server

212.104.43.201 , Italy, ASN9076 (INIT-AS, IT),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://212.104.43.201/errors/53/ndex.php
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 09 Dec 2022 01:04:21 GMT
Cache-Control: max-age=0, no-cache
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=84
Content-Length: 0
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK clear.png Show response
event.evtm.53.com/fp/ Frame F964 81 B
528 B 14ms
13ms XHR
image/png 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png

Requested by

Host: event.evtm.53.com
URL: https://event.evtm.53.com/2tS86Iyzecp6FtLb?7189fed76399583c=Aw4d40FD5MX8BPg4DQFC8X8FjnmMjht44SzG_EUcltN96EVW8RLYYd1tdSYI-da-XJakfZF_ijwM4km0EDvCAuvoreHGvE5oSTa2YA-7gCuSI-Jo_PlNcsh4Ta7T8DF_YcBQGCXjaTXAER8W2n0-i0mRpblX62Kg2SlfljhwQV5nWw0KZSl4YFTG7SJgSf_B8MhYG-e76YnmuTXC&jb=3739262668716d7735556b6c6467777124687b6d3d55696664677571253030333224687160753d436a706d6f6d2468716235436a706d6567253030393030

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 3z5dc3wi/6955b138f199c193f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc
Referer: http://212.104.43.201/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Fri, 09 Dec 2022 01:27:21 GMT
Server: Apache
Etag: 9dcbbc13260a45448030950b3caa4cc7
Content-Type: image/png
Access-Control-Allow-Origin: http://212.104.43.201
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Wed, 08 Dec 2027 01:27:21 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame F964 0
387 B 14ms
14ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&gttl=155520000

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A Show response
event.evtm.53.com/fp/ Frame 90DA 91 KB
14 KB 17ms
16ms Document
text/html 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

dd14ffe0eaf6a3da4288bf7915bdf189ed39ba838a057d6107eac56d566852dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 09 Dec 2022 01:27:21 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame F964 0
387 B 14ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&jb=3136266c71633f6730323464346a363032603e3639373530363a66643532313a3a3b333a356231

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A Show response
h.online-metrix.net/fp/ Frame A1A6 104 KB
16 KB 17ms
17ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

ce1852df3f3dfc3da856afb9da76f01db6887952aee93d79c784de6515ff90da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 09 Dec 2022 01:27:21 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame F964 0
387 B 14ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&jd=3735262668646c3f3b2468646835393b34333f3366606631373b3567333437606335373660623339606136306b3a2468667c6e3f32383a363a31

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK top_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A Show response
event.evtm.53.com/fp/ Frame 6191 90 KB
14 KB 16ms
16ms Document
text/html 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/top_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

100c50d3cffbb3cbc162c97fc1a9b8a6b0574776fb57f419d2d1bdb35fe7799a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://212.104.43.201/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Fri, 09 Dec 2022 01:27:21 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=89
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
event.evtm.53.com/fp/ Frame F964 0
218 B 255ms
255ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&ja=333832382424613f3824783f302e663f3334383278333238302e63643d333632327a3330323026737a7b3f3270322466707a3d332e333e32302e313a30382e333632302e333032322e313630322e333038322e333638302e333038322c322c382665763f613a38306360616661373764666466643167633a3439313635323e603963376926656c3f34247361663f3036246c683d6a7676722d314327324e2530443039302e33303c2e3c312c3232312730446770706f7273273044373b2730446e6c657a2c72607226667235687c76722531412730442730443231322c3332362636312c3238312730446d70726d727b253a4437332732446c66677a2c70687024726e3f3b24726a3d3f3864303a69633660636e626d3333336037313a35636732643362666030663c246a6a3d39376031336d3561643639643964676537653b66673b3636613037353a323a6d2468716f35576b6c666775732732383138246873603d416a706d6f6725323033323a2462716d773d5f696c666d7f712668736a7535416a726d6d67246c6a613f34266e6f76723f382476786435457661273a44556c6b666f7f6c246d63746a703f363232336431613060676b323067366b63373432383a32636439353d363231646436373a3a3336316436676363303c66613b3469666066353a3131313131366924723d726c77656b6c5d646c61736a2737476e636e716529706e7765616c5f756966646775715f6f65666b635d726e617965702737476e636e716529706e7765616c5f636467626d5d6363706f60637627374766616c716723726477656b6e5771776b616376696f652d354d64636c716523726e77656b6e5f736a6d61697f637467253d4564636e7b6721726c7d67616c5d7267616e726e637b677225354764636e7b6723726c7d676b6c5d7e6e635d70646171677025374564636e716723706c75656b6c5d6c6774636c7e722737476e636c71652970647765696c5f7174655d746b657765702737476e636e716529706e7765616c5f68617e612d374766636c716724656e5d633d776760656e5f6760454c2d3232332c382732322847706d6c454c2732324751273032322e302730324160706d6f697d6d2b55676a454c2732384744514e2530304751273032332e302530322a4d78676c454c2d323247512d3030454c5b4c2d30324551253032332c32273230436a706d6f61776f2b576d62496b765f676249697c253a32556560474e434c454e475f696e7176636c6b67665d617a72637b712d31422732384550565d626e656c665d6f6b6c6d6178273140273a32475a5457636d6e6d7a5d6277666e657a5d6a616e665d646e6d63762533422730324750565d646c6761765d6064676e66253b422d3032455a545d647063655d646570766a27314a2730324550545d716a696665705f7c6570767772675f6e6d66273140253230475a565d7c677a76757a655d616d65727267737b69676c5d627274612731402730304558565d7667707677706557636d6f727a67737169676e57706574612531402730324758545f76677a767d70675d66616c76677057636e6b7367747a6d7269612531402730324758545f715045402d31402732384f47515d6d6e656f656674576b6c6467785d776b6c762733422530324d475b5d64606f5772676c666d705f6f69786d69722733402530324d47515d7374616c6663706c5d666772617663766b7e677327334a253a324d45515f76677a767770655f666e6d63762d31402732384f47515d7c677876757a6557646e6f63745d6e6b6c6763722533402730324747515d746d787677706d5d68636c6e5f6e6e6d61762531402730324d45535f76677a767d70675d68696c645d64646d61765f6469666763722733402730324d47535f7667707667705d63707269795d6d6062676376253b422d3032574742454e5d616d6e6f725f607764646d705d646c67617627314a273232574d424f4e5d636d6d727067717167645f74677a76777a675d63737c632731402d303055454a47445d616f6f707067717167665f74657a7677706d5d6776632d334027303855454047445f6b6d6f707065717167665d766578747770675d6d766133253b422730325f4742454c5763676f727267737167665d766778747570675d713b766127334a253032554d40474e5f6b6f65727065717367665d76677a747572675d71317c615d71726f622731402d303055454a47445d66656075655d70676c66657265705d6b6c6e6d2731422d323255474a454c5d646d707c6a5d746778767770672731422532325547404f4e5d667269775d60776e646570732d334a273030554540454e5d6e6d73655f616d6c766d7a7627334a253032554d40474e5f657564766b5f66726375333424656c5f683f3164643d666464343f343266666b363035653e326a673265353466303737363431303466363037312475656c7e3d4b6c766d6e253030416e6b2c2477656c703f4b6c76676c2532324b706b7b2730324f78656c454e2d3030476e6f696667246361643f33&jb=333534266e733f4f67786b6e6c692530443726322530302057616c666f75732730324c5627323031322c32273b402730305f696c34362d3142273238783e362b2530304372726e675565624b6b7627304e3731352e3b36273032204948564d44253a412732326c6b6967273032476563696d2b273a32416a72676d6727304e33303a2e382e3d3137392c393a27303251636661726b2730443d31352c333e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma6955b138f199c193am1.e.aa.online-metrix.net/fp/ Frame F964 81 B
438 B 60ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma6955b138f199c193am1.e.aa.online-metrix.net/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 1f29df51-f2f8-4108-81bd-0af29108b589
http://212.104.43.201/ Frame F964 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/1f29df51-f2f8-4108-81bd-0af29108b589
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
BLOB 200
OK f2ab60f3-0762-4c87-871a-82add399df48
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/f2ab60f3-0762-4c87-871a-82add399df48
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK ccc60708-69a6-466c-874d-44abf2c9d596
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/ccc60708-69a6-466c-874d-44abf2c9d596
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK a7d4ac93-1f8a-4ac3-a959-ee9088be39d3
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/a7d4ac93-1f8a-4ac3-a959-ee9088be39d3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 3e051e7a-f237-4238-ba50-881b8de00c3a
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/3e051e7a-f237-4238-ba50-881b8de00c3a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK e406e607-8f8e-41e8-b79e-2bc8d7cba337
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/e406e607-8f8e-41e8-b79e-2bc8d7cba337
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 05eddd62-9b56-49cd-97be-257924dcc74f
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/05eddd62-9b56-49cd-97be-257924dcc74f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 64a38785-376c-46e8-976f-caadfc6de463
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/64a38785-376c-46e8-976f-caadfc6de463
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK d12b3d3e-a6a7-4ed6-87d0-cc8b5b78a4f8
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/d12b3d3e-a6a7-4ed6-87d0-cc8b5b78a4f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 3eff1c50-91fa-4c84-aec5-2ed1137918df
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/3eff1c50-91fa-4c84-aec5-2ed1137918df
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK c547e83d-1752-4d72-a7e1-181790705b6a
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/c547e83d-1752-4d72-a7e1-181790705b6a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 307f4656-b4f2-4a63-9a0a-139482d31f7e
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/307f4656-b4f2-4a63-9a0a-139482d31f7e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK b21bc6aa-a890-42b1-9676-16bf7e647821
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/b21bc6aa-a890-42b1-9676-16bf7e647821
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK fa304509-8663-4915-afb5-f96b449bed1a
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/fa304509-8663-4915-afb5-f96b449bed1a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK a63a113c-4413-4ea8-947e-efdb824f3c57
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/a63a113c-4413-4ea8-947e-efdb824f3c57
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK a0ae989e-cecc-4042-992e-b31761a646b1
http://212.104.43.201/ Frame F964 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/a0ae989e-cecc-4042-992e-b31761a646b1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK ab16a0a8-33c1-4420-8f9b-d25379ed5b74
http://212.104.43.201/ Frame F964 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://212.104.43.201/ab16a0a8-33c1-4420-8f9b-d25379ed5b74
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7de118046707df163aeb25eb6119f7129900901e04ce8f9be83546ab2e8c4d92

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/errors/53/ndex.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Length: 1357
Content-Type: application/javascript

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame 90DA 0
387 B 14ms
13ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&jf=3136266c71603f363a306731393f3963333169363260656a613d376635306166633a3431313162

Requested by

Host: event.evtm.53.com
URL: https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://event.evtm.53.com/fp/ls_fp.html;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=88
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
event.evtm.53.com/fp/ Frame F964 0
387 B 14ms
13ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&jac=1&je=333338262475676b3531352c35302e373a2c3a37302470653d666d246177646a3f6163356039653667343a336b616361366e32633561393b323b333e333c346035613333353b34603664386466363a343832313a666d346432316e61643a343d392e677a333f66336767373b61616637373336353f343766323c393134353d303467393a666e6160383331316363

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=1D62339A341595638822BBA0E06BE5A1 Show response
event.evtm.53.com/fp/ Frame F506 0
218 B 15ms
15ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear3.png;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&jac=1&je=3a3426267265673f2d354027323a766770273a302531413b253a41273230756c6667646b6c656430324d5256414d4c32253a322731432d3742646164736d2730432732304d52564b4d4e2532302730413c273746253f44

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:21 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=1D62339A341595638822BBA0E06BE5A1 Show response
event.evtm.53.com/fp/ Frame F506 0
218 B 20ms
19ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear3.png;CIS3SID=1D62339A341595638822BBA0E06BE5A1?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=18db20730453836c&je=3335382670663f247a66763f363b3331312f393730322c3d3938322f313730322e373b32332d313532322e373132302f313d30322e373132332f313d30382e31333a392f333732322e353935322f333738322e37393b312f333738322c37393b3925333730322c3432313b2f333530302e373b363c2f333730382c343236382f313730382c3d3035392f313732322e353237302d3337323224303333322531373232

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:22 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=9946580CB42F1D5A81453217C07B225A Show response
event.evtm.53.com/fp/ Frame F964 0
218 B 15ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear3.png;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&jac=1&je=333233262472656757777266617c653f27354a273230302d323a2731412737402730307467722532302731433b273546253a4327303039273230253b412d3540253032776c6667646b6e656432324d525c4b4d4c302d323027314927354066696c7b672732412530304d52564b4f4e25303027304b362737442d374627354c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:22 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=9946580CB42F1D5A81453217C07B225A Show response
event.evtm.53.com/fp/ Frame F964 0
218 B 15ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear3.png;CIS3SID=9946580CB42F1D5A81453217C07B225A?org_id=3z5dc3wi&session_id=f5a0cfb6-cbbd-422b-be35-d8b3a2ab3fcc&nonce=6955b138f199c193&je=3335382670663f247a66763f363b3331312f393730322c3d3938322f313730322e373b32332d313532322e373132302f313d30322e373132332f313d30382e31333a392f333732322e353935322f333738322e37393b312f333738322c37393b3925333730322c3432313b2f333530302e373b363c2f333730382c343236382f313730382c3d3035392f313732322e353237302d3337323224303333322531373232

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:22 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=1D62339A341595638822BBA0E06BE5A1 Show response
event.evtm.53.com/fp/ Frame F506 0
218 B 14ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:23 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 clear3.png;CIS3SID=1D62339A341595638822BBA0E06BE5A1 Show response
event.evtm.53.com/fp/ Frame F506 0
218 B 15ms
14ms Script
text/javascript 91.235.132.75
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 212.104.43.201
URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/tH134LAG-uBqJSpk

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.75 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://212.104.43.201/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Fri, 09 Dec 2022 01:27:24 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=89
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fifth Third Bank (Banking)

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
212.104.43.201/	1969-12-31 23:59:59	Name: AMCVS_CBBDCBC1557213FE7F000101%40AdobeOrg Value: 1
212.104.43.201/	1970-01-20 17:38:29	Name: mbox Value: session#433758361e99471aa800a47265ba5bd0#1670551099\|PC#433758361e99471aa800a47265ba5bd0.37_0#1733794039
212.104.43.201/	1970-01-20 10:12:05	Name: _gcl_au Value: 1.1.814195572.1670549239
.mathtag.com/	1970-01-20 17:28:24	Name: uuid Value: aaa26392-8ef7-4400-a6c2-582da4145258
212.104.43.201/	1969-12-31 23:59:59	Name: s_ppvl Value: %5B%5BB%5D%5D
212.104.43.201/	1970-01-20 16:48:05	Name: s_vnum Value: 1702085239095%26vn%3D1
212.104.43.201/	1970-01-20 08:02:31	Name: s_invisit Value: true
212.104.43.201/	1970-01-20 08:45:41	Name: s_getNewRepeat Value: 1670549239095-New
212.104.43.201/	1970-01-20 08:02:31	Name: gpv Value: fifth%20third%20bank%20%7C%20errors%20%7C%2053%20%7C%20ndex.php
212.104.43.201/	1970-01-20 17:38:29	Name: s_lv Value: 1670549239096
212.104.43.201/	1970-01-20 08:02:31	Name: s_lv_s Value: First%20Visit
212.104.43.201/	1969-12-31 23:59:59	Name: s_cc Value: true
212.104.43.201/	1970-01-20 17:32:43	Name: __atuvc Value: 1%7C49
212.104.43.201/	1970-01-20 08:02:31	Name: __atuvs Value: 63928ef7af1efe55000
212.104.43.201/	1970-01-20 08:03:55	Name: ln_or Value: d
.t.co/	1970-01-20 17:38:29	Name: muc_ads Value: 3ecb10be-ea07-48cc-a699-e56f3871b0a4
.twitter.com/	1970-01-20 17:38:29	Name: personalization_id Value: "v1_JJS0FCJZGUnj4flX52o3/Q=="
212.104.43.201/	1970-01-20 17:38:29	Name: _tq_id.TV-8136187209-1.f4f8 Value: 8425b281f4a9a9a4.1670549239.0.1670549239..
.everesttech.net/	1970-01-20 16:48:05	Name: everest_g_v2 Value: g_surferid~Y5KO9wAAAGPZLgOY
.linkedin.com/	1970-01-20 08:45:41	Name: UserMatchHistory Value: AQLQbdEy9Wgl9gAAAYT0fnXhTJNMLE7lHmKiWbKabi_AWurW_nHW7U4q-YU7jtsYFMnLD9EWTkqAlA
.linkedin.com/	1970-01-20 08:45:41	Name: AnalyticsSyncHistory Value: AQI6w1pbbQCaqAAAAYT0fnXhc835JWbkc9ASrKSBQSrpi4qILHBUzdeinXpZ7AlyNwhF5jsOZtjwG5lxyMdXFw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:48:05	Name: bcookie Value: "v=2&eee548a1-fc90-4def-861b-4eff6c272ce0"
.linkedin.com/	1970-01-20 08:03:55	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2801:u=1:x=1:i=1670549239:t=1670635639:v=2:sig=AQHv8Gci9AriAa3VaPU9ukVb-qsM5sr_"
.doubleclick.net/	1970-01-20 17:24:05	Name: IDE Value: AHWqTUmTkB-kTrCReyFKTMgUuhaYwEzuYLX7ad2TStJetLLOrIUNq_8OjsNUBnRe
.addthis.com/	1970-01-20 17:32:43	Name: uvc Value: 1%7C49
212.104.43.201/	1970-01-20 10:12:05	Name: _fbp Value: fb.3.1670549239422.973970007
212.104.43.201/	1969-12-31 23:59:59	Name: s_ppv Value: fifth%2520third%2520bank%2520%257C%2520errors%2520%257C%252053%2520%257C%2520ndex.php%2C93%2C93%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL
.demdex.net/	1970-01-20 12:21:41	Name: demdex Value: 42339825929059230330890494391532781994
.dpm.demdex.net/	1970-01-20 12:21:41	Name: dpm Value: 42339825929059230330890494391532781994
212.104.43.201/	1970-01-20 17:38:29	Name: AMCV_CBBDCBC1557213FE7F000101%40AdobeOrg Value: -432600572%7CMCIDTS%7C19336%7CMCMID%7C62954857751053644751491290817239947843%7CMCAAMLH-1671154038%7C6%7CMCAAMB-1671154038%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1670556438s%7CNONE%7CMCSYNCSOP%7C411-19343%7CvVersion%7C4.5.2
.addthis.com/	1970-01-20 17:32:43	Name: loc Value: MDAwMDBFVURFSEUyMzAxMTg4NjAwMzAwMDBDSA==
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:48:05	Name: bscookie Value: "v=1&202212090127196da4af85-e3dc-405e-826a-145db59a2e5bAQF3eoUlcpwgMIbfquchHrg4sWBegHY1"
.linkedin.com/	1970-01-20 12:21:41	Name: li_gc Value: MTswOzE2NzA1NDkyMzk7MjswMjGR5CADCkh3OuXpDBrlBTVvuA/VutOtqJIvSdNLU8Lr1w==
h.online-metrix.net/	1970-01-20 17:38:29	Name: thx_global_guid Value: 8ff148e2bb594fb6acf6462747e3f2e1

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/init.js.download.pagespeed.jm.Zhd7apswgv.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/init.js.download.pagespeed.jm.Zhd7apswgv.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts/resources/fonts/icomoon.woff Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://212.104.43.201/errors/53/Fifth%20Third%20Banking%20Login%20_%20Fifth%20Third%20Bank_files/clientlib-fonts/resources/fonts/icomoon.ttf Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
network	error	URL: http://212.104.43.201/content/dam/fifth-third/heroes/1440x565-ftblue-other.jpg Message: Failed to load resource: the server responded with a status of 503 (Service Unavailable)
worker	warning	URL: blob:http://212.104.43.201/e0e86293-e062-49a2-9624-03031ec7ab5a(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:6040/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/af1b5b4f-5a26-49e1-9120-61d413015d00(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/549553af-f61b-41e4-9b84-e0a2c9b0644e(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5279/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/4dbbf50b-bd58-4e54-b168-027313d6e9c1(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:2112/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/ab5f5aab-9584-4523-a29d-6d2e12a8aacc(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:6039/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/f4c39129-aecb-4976-a0ab-2ed7b1150ef3(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5901/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/3e668dd0-81b4-4eea-9876-38f16f52e377(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5931/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/c8047d43-65c6-4d84-8d0a-adaf9116b567(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:7070/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/8d954b73-db0e-449a-90b7-f375c9d902fb(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5902/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/3c07f2f8-b9a1-43ee-ba94-a8b5bc42d0e6(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/239b53d4-17a4-4f88-aaa3-7b9b01254c12(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:3389/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/03ce54d7-9f05-4f67-9e63-8762a193abbf(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5950/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/c5399029-555c-4ed2-b328-2b28c08b457e(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5939/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/00966a95-7835-4735-a11e-1a901e1fb0cc(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5944/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/9099ed8f-4eb4-424a-a1bb-9f9fe23f8bd7(Line 17) Message: WebSocket connection to 'wss://127.0.0.1:5903/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/f2ab60f3-0762-4c87-871a-82add399df48(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/c547e83d-1752-4d72-a7e1-181790705b6a(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6039/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/a7d4ac93-1f8a-4ac3-a959-ee9088be39d3(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5901/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/ccc60708-69a6-466c-874d-44abf2c9d596(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/3eff1c50-91fa-4c84-aec5-2ed1137918df(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5939/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/e406e607-8f8e-41e8-b79e-2bc8d7cba337(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5903/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/307f4656-b4f2-4a63-9a0a-139482d31f7e(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5944/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/fa304509-8663-4915-afb5-f96b449bed1a(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5279/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/d12b3d3e-a6a7-4ed6-87d0-cc8b5b78a4f8(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5931/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/a63a113c-4413-4ea8-947e-efdb824f3c57(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:7070/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/3e051e7a-f237-4238-ba50-881b8de00c3a(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5902/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/b21bc6aa-a890-42b1-9676-16bf7e647821(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6040/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/64a38785-376c-46e8-976f-caadfc6de463(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5950/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:http://212.104.43.201/05eddd62-9b56-49cd-97be-257924dcc74f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:3389/' failed: WebSocket is closed before the connection is established.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma18db20730453836csac.d.aa.online-metrix.net
3z5dc3wipkdtc5wotpgpgdub4ellnwtcfdkw2cma6955b138f199c193am1.e.aa.online-metrix.net
analytics.twitter.com
assets.adobedtm.com
cdn.linkedin.oribi.io
cm.everesttech.net
collector-16829.us.tvsquared.com
connect.facebook.net
contactforms.53.com
dpm.demdex.net
eloqua.53.com
event.evtm.53.com
fast.fifththird.demdex.net
fifththirdbank.tt.omtrdc.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.online-metrix.net
img.en25.com
m.addthis.com
pixel.mathtag.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
s7.addthis.com
snap.licdn.com
static.ads-twitter.com
syndication.twitter.com
t.co
tms.53.com
www.53.com
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
z.moatads.com
s7.addthis.com
104.111.239.138
104.244.42.133
104.244.42.197
104.244.42.200
104.244.42.67
104.75.88.126
13.107.42.14
142.0.165.165
142.0.173.20
146.75.120.157
15.188.95.229
192.225.158.3
2.18.233.201
2.21.20.135
212.104.43.201
23.35.237.151
2600:9000:225e:7400:2:53b2:240:93a1
2606:2800:234:59:254c:406:2366:268c
2620:1ec:21::14
2a00:1450:4001:803::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2003
2a00:1450:4001:831::200a
2a02:26f0:3500:16::215:14a0
2a02:26f0:3500:587::1e80
2a02:26f0:3500:591::1e80
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.22.179.81
34.243.172.78
52.19.35.175
54.75.234.63
91.235.132.130
91.235.132.75
91.235.134.131
96.16.149.96
99.80.65.0
05048494de1ac89e9338e1bef95be549b61cebb3efd3f70d557d1a83bb849381
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
068e4862f846253071978b2f5047e77d32fcd94f39a6973521ec77f8c101135f
072bf39e5b3f7de08cecc401103d1556b7f431d0eef26ee276a2349028859653
0809dce74d140cdb75918db36517dfca9fee927aa704fd47ee48432aee8986b5
0a50ea54c2c57ac21455a3dc464f6772067b2c9740a2d1dddf1ff87fd67b668c
0a7d6f4a2ba1dc5dd0351066b35dda10f9fd9d10592de046263d66812dfba9ff
0ad601b6178044b2354c2cee0b6a560199a53b17d16ec2110e7a5f342b0cddac
0adbcd435002ea814bf249d77a8d5b66ec0c51c4bd77d759e1b3b1afffd866c7
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
100c50d3cffbb3cbc162c97fc1a9b8a6b0574776fb57f419d2d1bdb35fe7799a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
162387d10924383bac354e2efc38edc1bf2e64e03958f6947981548632e3171c
1777f023a61ea16a4888e9baa951d81736426c5b880fca946f9d37d0eb2cffae
1798dde5591fd56e1699d37e242fea444e843f59fc650b12607db4286d0767fe
20588da5c0e09841cba8ee3267a897af1a5c6bd359f12ac48a83a8f2c0dda522
227ad97799aa87ec211d4921b3aa5ba10ff5fbf55b11c8899ed9199df73eb2c1
2481465e3591d162511396262b10cae3c38d9d95ff66295f71f51d34bb351676
2ed687fe7a8afdeb8b7b38d9f7a32b3e1961aacf0d78c5700b808664bb06b20b
2f6a2708bb08039d7670a428ddc421f27ed1d6e2fdca03c59001f56f4791e07a
31b4b8bdf0c483854a114ade088678d6489e5c4d6d09598f3b359cdf97da9653
330c2cabfd973da7640fcf8dc5683e377de758eb79f5bd75078dfae439cade2f
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
37bf1c6df20450e80399c4b909738e8da268831981a819eb75922304e15ca047
38d52d917db4751743ef05ad3ce6797efdf445509b4edcb17f24280c9c6d761a
38f7a4c4508c888611c0ce908ddfbd796ae670cb605346c66c02c3d57e8ea53e
39ece78335423a1deabfd83edf8a0d0ec9e45ac03bbbb5d1d39a8edbe8c3e8a7
3b203eebe4947d46365e5cebc597e4d549cfc6cc1d629ad96cb3679ed694caf3
3b5ccea4995418cdcc737c880f5d11b80fb49e5f67cf87b788509ec0b5ecd0fe
3ceb26dc98e521fc949573f8493ce314dd305a5dcc035d18aaeb25087d7e1679
3d237ef8410c73843de64d35849664c4320b6f4873e999d64efacbde9c1176db
3e3e4b8730f174185e0904c988f12bfd64ededbcbbc6279772e7d386760c659f
3e7528d8b58f815ff60129b7da92f50e6a3efe6b0a3c151bc2a7934b692813d5
40d571eba87bea119bbb2b9e872b6532a74612bd9797b223f9417a9617503a7d
414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8
42ed84a1baa7e1cd3eb0d4bdd4abb98bc76a7aef63cee1e9c6650d55bf898f16
4664529ddcf1d1657edacf7bb180178b20fd10d97adca4860634af855da4b0c6
487480073099084d0e7bbaa19982421cbd10d33f8f587c669de7d003284316f1
4c4303e967f0ae9417a14064fd440434f3f8b34ae2904b6c15f19145371d0cce
4cf8eaed47d204d05e98899511c66cf793b252fa48a65ad5da2d75216d09a378
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
506ff5c4d37c218c9e2581ae7e7bd9bb94e1fbb2a3d7b5584f332966fa003981
5645f9295f6b2452877f04233cb37f40923fc98a9728315cbc08c23b98abb638
58458c9c39d176d9adc253f615f6d5d6929025f079b9cea6da5ff75b78412fdb
5acfc48a41239342182d717cae97a3f2eeaadc65de5197a453d9c22916a6d2e8
5d18396e5df4b1ac7aaf50f8f7a6c9eb8f2073122c46609d4f3ae93670e311bf
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3
61c857f49daf5027a73cc384e5e75d01e0b9123a7e77792ab282026f451f6ed9
61ef6ebd83880427254cc60e456ed8e816b0179d2115625952a0172ecf53e1b9
61ff0f6160006980cf92b651931c35f425858672bf8a532f7dacd6a9ac452070
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
690dd115409577130c133cdde79ba47327929e866c61f3f7f54d5d91340ae239
6a0b584588fc7cc820e19ba29f2c983336b939888f5df851ae519bc04ff87a67
6e11ce8ffe786ab9f748b448dd66599c68d16a1601c923c31546b69b0063af67
6ed0d8f86799b2f2e20f0653b1cf9b4db711969437f852eaefa98f5288fa9a08
76931b251108864b8d8bf535da0aa609ff2eb0c35827fbd7461da39724685a25
781eff0e54dfd45e5f3064e27f4ebab8c2b90a47398d1a96a699d74f946df957
7a3633c1e73cd6dda2200977720408e093dd8e7db25deff2ac7bf18571760b98
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d004f0303b89cf4524457a9b6295ab616582c9b005e2d58b4c128211322a834
7d16732fea2b9dc9d4d6cb6221a1b607be03947d5ae0787d3c2048deb7fe4c89
7de118046707df163aeb25eb6119f7129900901e04ce8f9be83546ab2e8c4d92
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
81b23c1894eb8d09145323224291e99d2b47fa313100577a67e36381420c123b
832e79d4d0cd803927e8e5b29649f0fae8f54a482cdbeab7a0ea905f11b6c2fc
84b33fea44fd00dbc935defe517aa650933ffb800848947c5bcd66a147d71ecb
85e7bf7815dae442a384cfc0c20501c104a68dd07a413a6a0b6d743b4bc4d558
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8852250970301a870d0a14722a7fda66b2a74bbb65bf2b7b3fe80dc8d8434ee6
8c0596a13aebce5959eb86b8d291fe107960f117c3d656584edb919d9284facd
90bbc803bbd403720482cd55e84209ecf9c216ff3d8197983f4367ef9b293c2d
91fd5059f0aaab89d732115247b30dafe6a1a14a6e8207b81814f127c057fb03
9221a87227e1403f9c4a83e972e099238300319ba2670625b1d160538c15803c
9277af94087ef40472663b98d04319aaa287ac8de958d0ca08c3f8250bc9ff7b
937d5bead8f96253b3b76b7880013bbf01e0752c76e0e9aaf079ad96c97353c2
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
95e07b9ed10bad5fc15c9e4eb80c3a5a5a53d45203a8225685ca2f53334b5903
9604dbabba22c1d2ef244a1b76ec794b0fdb510dcfe6b6b7fee3b300e4e25e65
96a433c2aa3c6e980ce6211c142389145af2ecbf228f1fadb6af038092c54bac
97a625a446bc1fda2e0dd47a3c34974b1d24b2e25114fa977f83d1e9818e20be
97d876b0796d55e1a4d9dec67f958fd62674617e5417b92e4584c0397974e9d9
9a9cec6674cbcf903acbced47f3767ff6decdc4a282364f6c0cef79215c24ca2
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834
a17e4678a54e9eee5f2e369fde108f5d00dedda59b6390327104f69bfcadec80
a2c1d4a972572426a77461e0ae31ac44b4c1a0fbac553602daef482b1a8fb866
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a6a94ff52ce03a27cc3ba4e86c6ea96e2279e20803643127b6c2a4e400a2e122
a9920fb7bbe1320272d5764d7def7cf8b369d1c79d4b17b8cbf04a237a712c56
ab6e443c2a6585d90251380b4e5bfd091d21fdfc08f99b400cf45a4306df04bd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8b118f318ee62201e74ae2ce6db498dbaa795a405cd44c89e9e0a8e6c1d5d7
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
aecc706dd4ccbdf536a374aa7c4c21b1e249c4d268161a352392fc909bc5fce8
af0308cadb4a248f1d7e7688dc902a2d2e070c008511c5ccf0412202ab8cb446
aff7ece6c26afdfff4d70ffad3a1917717ea3a65ec1fce2187c2fce4a63adb1b
b25773d708f0db073e8bae7fb103e00abab9f636e840c60f959c1aac3170f625
b390e9c2957d47298b18739d70c5f8741a17a925ba24515a7d6672383cc30226
b4831187612ef74589b40199fa2014e002128688eaaf14ebc9d8efa2085ec6f5
b61cc7c14a4428be0acd081e6a914fc718a7d7f40da2940b4aa3e76e309409a4
ba9201f802bc367f2967bf575b0230706129bedbe1e03adbb884ee4e332f92b8
c26d0ba4a7c58359268d0b8e27a3623fb27cf44a876deb2a71683d2e082d135e
c5ab5027d19b6aa32e83657688dc6cdb8c59ac8365a0b530201980a81f2bcb4c
c5ba02994baea9b4000849c605d456307fec2b6fae44f368a5d24837ac3d0787
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7fe152c1a9be1a9d0e160a9e4a2894d5e218a6cd2f2f0af4cff2604536ae4a5
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85
c9c34517ae4e71e71bdd03a2934c550844b99a2e917161537afe47cf79a29673
ccfb00fc2c8b64b2947f994dffe143a1ee5f8bf51792317034b76f0414d6211f
cdf8da32cc1aa8005087225016fca4d477184ec099634470bd0d973ecac6a295
ce1852df3f3dfc3da856afb9da76f01db6887952aee93d79c784de6515ff90da
ceda07d1c1502ee0a510b17bf981c5d97e8500263faed52368db84a9563e791d
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d4c1f6eab6131263f57b3d9061e16f1a301b459007456a6e0ca28f103ed5e263
d5605feb6bbe60777088527f4c182a92d6028125511467896a9f21a0edfcd47c
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
dd14ffe0eaf6a3da4288bf7915bdf189ed39ba838a057d6107eac56d566852dc
ddf82210964b032754465df985a020457a65d53d413605a57707602c6bde8fbe
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e066a62ef164512caa140fd3d0dead52fc1e873eec9f4d9d22b33ed0275ff69f
e149fce34c40d54a6cb3595ed70072bef3417f033381a7e0cda77de72fbdfeb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ce6713079ead1665849c2c24d0e0c0f3eb03ce1ad9cc67f3cac847b731d75e
ea1b671766cc4fe0dd9d94393566ca34f9a39af6a23dc4372de7046a2c809028
eb24fb8daa08ff8628f200d3ecfc9850d9632537b342a1ea219002d6d372d5fc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f144a33cc86927c783f624044cb7138cebaf7fec4ff9bab71257631e0d94eb1e
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f1d0243164efe31f43fde433247b686d24389285ebdb9f1daa0b27e3c5b91109
f45ec73ed0170ed570970be499256b77b705c4d05c4410a4b186672502a6ccdc
f64bee826bccb356e29b877ba33ae25dbc3cba68d7182aad644ba3e2228524cf
f88ff0374b93768125eb1d74e8912962371ccbe37e5deb2a2614141a6034d3cc
fba9ad5efe96a74d7d1fe24228e8d71baf519437948fdde7d5c9aef6e94fa138
fcf1e885637814fc0c5ee0b07e8bbec9d239aaf48ce05cd798bd1c60c4a4a6ed
fd431359d3a9f7aa606f0e6d95fe3ad040174939b74c4421e544fae1dc90957d

212.104.43.201 Open in urlscan Pro 212.104.43.201 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

258 Requests

38 %HTTPS

36 %IPv6

25 Domains

37 Subdomains

37 IPs

5 Countries

4778 kBTransfer

11268 kBSize

36 Cookies

20 Outgoing links

Redirected requests

258 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

212.104.43.201 Open in urlscan Pro
212.104.43.201 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

258
Requests

38 %
HTTPS

36 %
IPv6

25
Domains

37
Subdomains

37
IPs

5
Countries

4778 kB
Transfer

11268 kB
Size

36
Cookies

258 HTTP transactions
0 data transactions