URL: http://20.laiser.co/first-citizens-bank-check.html
Submission: On November 28 via api from US

Summary

This website contacted 24 IPs in 8 countries across 23 domains to perform 33 HTTP transactions. The main IP is 144.202.4.237, located in Piscataway, United States and belongs to AS-CHOOPA - Choopa, LLC, US. The main domain is 20.laiser.co.
This is the only time 20.laiser.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Banking (Banking)

Domain & IP information

IP Address AS Autonomous System
3 144.202.4.237 20473 (AS-CHOOPA)
2 2001:4de0:ac1... 20446 (HIGHWINDS3)
4 69.89.129.19 22976 (FIRST-CIT...)
1 192.99.3.130 16276 (OVH)
2 159.253.23.250 198068 (PAGM-AS)
1 68.66.248.22 55293 (A2HOSTING)
1 192.69.235.57 33494 (IHNET)
1 192.185.14.219 46606 (UNIFIEDLA...)
1 3.121.173.160 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (HIGHWINDS3)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 52.216.162.235 16509 (AMAZON-02)
1 2 192.138.18.205 32244 (LIQUIDWEB)
1 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.81.193.95 11320 (LIGHTEDGE...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 46.105.201.240 16276 (OVH)
1 192.99.8.34 16276 (OVH)
33 24
Domain Requested by
4 www.firstcitizens.com 20.laiser.co
3 encrypted-tbn0.gstatic.com 20.laiser.co
3 20.laiser.co 20.laiser.co
2 towndock.net 1 redirects 20.laiser.co
2 rtn.one 20.laiser.co
2 stackpath.bootstrapcdn.com 20.laiser.co
1 s4.histats.com s10.histats.com
1 s10.histats.com 20.laiser.co
1 cdnjs.cloudflare.com 20.laiser.co
1 code.jquery.com 20.laiser.co
1 farm6.staticflickr.com 20.laiser.co
1 lh3.googleusercontent.com 20.laiser.co
1 www.myfcb.bank 20.laiser.co
1 i.ytimg.com 20.laiser.co
1 is5-ssl.mzstatic.com 20.laiser.co
1 matchbin-assets.s3.amazonaws.com 20.laiser.co
1 lookaside.fbsbx.com 20.laiser.co
1 n6s6b6w9.stackpathcdn.com 20.laiser.co
1 bank-code.net 20.laiser.co
1 bank-routing.org 20.laiser.co
1 www.ekopamag.com 20.laiser.co
1 banksroutingnumber.com 20.laiser.co
1 bankamity.com 20.laiser.co
1 online-banking.org 20.laiser.co
33 24
Subject | Issuer | Validity | Valid
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
www.firstcitizens.com | DigiCert SHA2 Extended Validation Server CA | 2018-02-16 - 2020-02-17 | 2 years
rtn.one | Let's Encrypt Authority X3 | 2019-10-20 - 2020-01-18 | 3 months
banksroutingnumber.com | cPanel, Inc. Certification Authority | 2019-09-21 - 2019-12-20 | 3 months
bank-routing.org | Let's Encrypt Authority X3 | 2019-11-17 - 2020-02-15 | 3 months
bank-code.net | CloudFlare Inc ECC CA-2 | 2019-06-08 - 2020-06-07 | a year
*.stackpathcdn.com | Go Daddy Secure Certificate Authority - G2 | 2019-06-27 - 2021-06-27 | 2 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-11-06 - 2020-02-04 | 3 months
towndock.net | cPanel, Inc. Certification Authority | 2019-10-23 - 2020-01-21 | 3 months
itunes.apple.com | DigiCert SHA2 Extended Validation Server CA | 2019-10-28 - 2020-10-28 | a year
edgestatic.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
www.myfcb.bank | GeoTrust TLS RSA CA G1 | 2019-02-19 - 2020-03-20 | a year
*.googleusercontent.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
*.google.com | GTS CA 1O1 | 2019-11-05 - 2020-01-28 | 3 months
static.flickr.com | Amazon | 2019-04-09 - 2020-05-09 | a year
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
ssl412106.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-11-20 - 2020-05-28 | 6 months

This page contains 1 frames:

Primary Page: http://20.laiser.co/first-citizens-bank-check.html
Frame ID: 3D3AB42772DDF2784FD5479295DBC87A
Requests: 33 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 33
HTTPS: 73 %
IPv6: 42 %
Domains: 23
Subdomains: 24
IPs: 24
Countries: 8
Transfer: 1159 kB
Size: 1417 kB
Cookies: 7

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • http://towndock.net/img/15260.jpg HTTP 301
  • https://towndock.net/img/15260.jpg

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request first-citizens-bank-check.html
20.laiser.co/
48 KB
9 KB
Document
General
Full URL
http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
144.202.4.237 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
144.202.4.237.vultr.com
Software
nginx /
Resource Hash
cb426872f100e143fed00be6e13ad65d3ac4c99ad324c25a37e064194a3f67f0

Request headers

Host
20.laiser.co
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Thu, 28 Nov 2019 15:46:54 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/
138 KB
21 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://20.laiser.co/first-citizens-bank-check.html
Origin
http://20.laiser.co

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:34:11 GMT
access-control-allow-origin
*
etag
"1544639651"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
21050
style.css
20.laiser.co/templates/3/
443 B
541 B
Stylesheet
General
Full URL
http://20.laiser.co/templates/3/style.css
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
144.202.4.237 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
144.202.4.237.vultr.com
Software
nginx /
Resource Hash
805b6b7da98078fe42f6dae47391d5ac82425293cead4c9e0f1e2cb72e942c34

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Sep 2019 12:49:34 GMT
Server
nginx
ETag
W/"1bb-592ab09247380"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Digital_Banking_Consumer_MobileTablet_Demo.png
www.firstcitizens.com/content/images/digital/
58 KB
58 KB
Image
General
Full URL
https://www.firstcitizens.com/content/images/digital/Digital_Banking_Consumer_MobileTablet_Demo.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.89.129.19 , United States, ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US),
Reverse DNS
fcb.emails.firstcitizens.com
Software
Apache /
Resource Hash
57708ec9db0d658fdd91ae4d7b9b129ce07da1b707ee2f1250ea51523ddca1d2

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:55 GMT
Last-Modified
Thu, 27 Jun 2019 20:04:15 GMT
Server
Apache
ETag
"40028-e74b-58c53aa8b8dc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=200
Content-Length
59211
business_digital_deposit_checks.png
www.firstcitizens.com/content/images/digital/
24 KB
24 KB
Image
General
Full URL
https://www.firstcitizens.com/content/images/digital/business_digital_deposit_checks.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.89.129.19 , United States, ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US),
Reverse DNS
fcb.emails.firstcitizens.com
Software
Apache /
Resource Hash
8af05d24cf0b103048d4a3269bea5f6f1261fdef6d500d28426be4fde93dc1e2

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:55 GMT
Last-Modified
Thu, 27 Jun 2019 20:04:15 GMT
Server
Apache
ETag
"48c22-5f27-58c53aa8b8dc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=200
Content-Length
24359
Digital_Banking_Consumer_ManageAccounts_NoDemo.png
www.firstcitizens.com/content/images/digital/
41 KB
42 KB
Image
General
Full URL
https://www.firstcitizens.com/content/images/digital/Digital_Banking_Consumer_ManageAccounts_NoDemo.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.89.129.19 , United States, ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US),
Reverse DNS
fcb.emails.firstcitizens.com
Software
Apache /
Resource Hash
0c2fcbcfcc825cc517d8976af98d147bdf3b9397ec316253198ff811fdbcbb08

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:55 GMT
Last-Modified
Thu, 27 Jun 2019 20:04:15 GMT
Server
Apache
ETag
"48bfd-a486-58c53aa8b8dc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=200
Content-Length
42118
fcb-check.png
online-banking.org/wp-content/uploads/
15 KB
15 KB
Image
General
Full URL
http://online-banking.org/wp-content/uploads/fcb-check.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
192.99.3.130 Toronto, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns559289.ip-192-99-3.net
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
6f1a324101fcc81c74c85b2f8da8ddc611ce79d6ca5fb367ded86a4628806d89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
X-Content-Type-Options
nosniff
X-Original-Content-Length
15708
Server
Apache/2.4.18 (Ubuntu)
Etag
W/"PSA-aj-vgyT9gcSlI"
Content-Type
image/png
Cache-Control
max-age=242
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
15151
Expires
Thu, 28 Nov 2019 15:50:57 GMT
275071288.png
rtn.one/wa-data/public/site/rtn/275/071/
101 KB
101 KB
Image
General
Full URL
https://rtn.one/wa-data/public/site/rtn/275/071/275071288.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.253.23.250 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
hardmandev.com
Software
nginx/1.12.1 /
Resource Hash
15bb031e96544747551e9647cb57d30437a0bc3a88c6b61ce8113eea2352af19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
Last-Modified
Thu, 30 Aug 2018 19:12:14 GMT
Server
nginx/1.12.1
ETag
"5b88418e-1927a"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103034
Expires
Sat, 28 Dec 2019 15:46:54 GMT
125107671.png
rtn.one/wa-data/public/site/rtn/125/107/
90 KB
90 KB
Image
General
Full URL
https://rtn.one/wa-data/public/site/rtn/125/107/125107671.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.253.23.250 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
hardmandev.com
Software
nginx/1.12.1 /
Resource Hash
b9164cc63ccbce1f1137817ac3c326fc7a034aa8bbee8fdd9d893be3a869a938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
Last-Modified
Thu, 30 Aug 2018 16:53:14 GMT
Server
nginx/1.12.1
ETag
"5b8820fa-166bc"
Strict-Transport-Security
max-age=31536000;
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91836
Expires
Sat, 28 Dec 2019 15:46:54 GMT
First-Citizens-Bank-Check.jpg
bankamity.com/wp-content/uploads/2019/03/
52 KB
41 KB
Image
General
Full URL
http://bankamity.com/wp-content/uploads/2019/03/First-Citizens-Bank-Check.jpg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
68.66.248.22 Ann Arbor, United States, ASN55293 (A2HOSTING - A2 Hosting, Inc., US),
Reverse DNS
nl1-ss7.a2hosting.com
Software
Apache /
Resource Hash
8214a6d8a5c77a6f4c965f9ce2a645c5dd8343b4bd0d1e3a7dd407df8a113920
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Connection
Upgrade, Keep-Alive
Content-Length
41686
Pragma
public
Last-Modified
Mon, 25 Mar 2019 07:31:29 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"cf90-584e6315bd640-gzip"
Vary
Accept-Encoding,User-Agent
Strict-Transport-Security
max-age=63072000; includeSubDomains
Upgrade
h2,h2c
Cache-Control
max-age=604800, public, public
Accept-Ranges
bytes
Content-Type
image/jpeg
Keep-Alive
timeout=5, max=100
Expires
Fri, 27 Nov 2020 15:46:54 GMT
MobileTablet_Consumer_Header_Demo.png
www.firstcitizens.com/content/images/digital/
35 KB
36 KB
Image
General
Full URL
https://www.firstcitizens.com/content/images/digital/MobileTablet_Consumer_Header_Demo.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.89.129.19 , United States, ASN22976 (FIRST-CITIZENS-01 - First Citizens Bank, US),
Reverse DNS
fcb.emails.firstcitizens.com
Software
Apache /
Resource Hash
a5ffe9679c8f1d04819e37eb35baedcb8ad9c06e0384fcb53f0b12604174fd57

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:55 GMT
Last-Modified
Thu, 27 Jun 2019 20:04:15 GMT
Server
Apache
ETag
"48c17-8d1f-58c53aa8b8dc0"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=15, max=200
Content-Length
36127
Check_RoutingNumber-1024x524-1.jpg
banksroutingnumber.com/wp-content/uploads/2018/11/
36 KB
36 KB
Image
General
Full URL
https://banksroutingnumber.com/wp-content/uploads/2018/11/Check_RoutingNumber-1024x524-1.jpg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.69.235.57 Chatsworth, United States, ASN33494 (IHNET - IHNetworks, LLC, US),
Reverse DNS
celtics.unisonplatform.com
Software
Apache /
Resource Hash
294beebcdaf47d9556fc6947b3c323b894660409a67d04f886486f06d12e5d02

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 28 Nov 2019 15:53:22 GMT
last-modified
Sat, 21 Sep 2019 05:44:06 GMT
server
Apache
accept-ranges
bytes
content-length
36580
content-type
image/jpeg
First-Citizens-Bank-Routing-Number.png
www.ekopamag.com/wp-content/uploads/2018/06/
4 KB
4 KB
Image
General
Full URL
http://www.ekopamag.com/wp-content/uploads/2018/06/First-Citizens-Bank-Routing-Number.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
192.185.14.219 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
ns8264.websitewelcome.com
Software
Apache /
Resource Hash
9584cf800630d6862549a0bbf1a550c4cd0acac3a6f3182c977f0d48b2315d7e

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
Last-Modified
Mon, 11 Jun 2018 04:48:24 GMT
Server
Apache
Upgrade
h2,h2c
Cache-Control
public
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Content-Type
image/png
Keep-Alive
timeout=5, max=75
Content-Length
3652
Expires
Fri, 27 Nov 2020 15:46:54 GMT
routing-example-101089823.png
bank-routing.org/img/routing_numbers/
42 KB
42 KB
Image
General
Full URL
https://bank-routing.org/img/routing_numbers/routing-example-101089823.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.121.173.160 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-121-173-160.eu-central-1.compute.amazonaws.com
Software
nginx/1.16.0 /
Resource Hash
c4a309562217eb9a8bb6f08c6de8a123cbd9a0644beacb6808fe4345d818dfae

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
content-encoding
gzip
age
37
x-ezoic-cdn
Hit ds;mm;3e4f3d690ba5debe30046d2fa5ee1438;2-115358-2;2a1e5364-46ec-439f-5027-362becada667
status
200
x-middleton-display
staticcontent_sol
x-shard
x-middleton-response
200
response
200
last-modified
Thu, 28 Nov 2019 15:30:18 GMT
server
nginx/1.16.0
etag
"5ccc52ce-a92b-gzip"
vary
User-Agent,Origin,Accept-Encoding,X-APP-JSON
x-varnish
608686024 612088177
via
1.1 varnish (Varnish/6.0)
cache-control
max-age=315360000
x-vcache
Hit
accept-ranges
bytes
content-type
image/png
display
staticcontent_sol
infographic_aba_routing.gif
bank-code.net/resources/images/
0
0
Image
General
Full URL
https://bank-code.net/resources/images/infographic_aba_routing.gif
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:5fa , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

dCIaxp7JeyK5Wkjw4h0jEZ1JJvyK3X_DCparzYhaVItHzmAg9BUNDxKwjADMEyZYjeQ
n6s6b6w9.stackpathcdn.com/client/h_310q_lossyret_wait/https://lh3.googleusercontent.com/
24 KB
25 KB
Image
General
Full URL
https://n6s6b6w9.stackpathcdn.com/client/h_310q_lossyret_wait/https://lh3.googleusercontent.com/dCIaxp7JeyK5Wkjw4h0jEZ1JJvyK3X_DCparzYhaVItHzmAg9BUNDxKwjADMEyZYjeQ
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
46a459afa1599ea57e10ba0b3b554ca975e6d9fb503dcb1a6ab9b4aac261bd9a

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
server
nginx
access-control-allow-origin
*
etag
f5ef8ac6dfcfc0b86193c2f9e1b90bfa
x-hw
1574956014.cds131.fr8.hn,1574956014.cds127.fr8.c
content-type
image/png
status
200
cache-control
max-age=2591985, s-maxage=2591985
accept-ranges
bytes
link
<https://lh3.googleusercontent.com/dCIaxp7JeyK5Wkjw4h0jEZ1JJvyK3X_DCparzYhaVItHzmAg9BUNDxKwjADMEyZYjeQ>; rel="canonical"
content-length
24825
/
lookaside.fbsbx.com/lookaside/crawler/media/
0
0
Image
General
Full URL
https://lookaside.fbsbx.com/lookaside/crawler/media/?media_id\u003d237146966410436
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

EN2R_First_Citizens_2.jpg
matchbin-assets.s3.amazonaws.com/public/sites/486/assets/
20 KB
21 KB
Image
General
Full URL
http://matchbin-assets.s3.amazonaws.com/public/sites/486/assets/EN2R_First_Citizens_2.jpg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
52.216.162.235 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e920f5d6ab3ca7c8ee6dcb431b8c066614c67f6acbc273c0640d1487bed7a4c

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:55 GMT
Last-Modified
Wed, 13 Jul 2011 20:02:10 GMT
Server
AmazonS3
x-amz-request-id
56423DEDECB09D7C
ETag
"a16c4b174782c7a11f7a8285326d0853"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
20890
x-amz-id-2
vqi+wDyjYAAZHYpWhGf7Xj5aev5xinbaEsuMUyGdDZ3phHdsEh7E+E0oM1ROVEk9FD29lBqqJdA=
15260.jpg
towndock.net/img/
Redirect Chain
  • http://towndock.net/img/15260.jpg
  • https://towndock.net/img/15260.jpg
56 KB
56 KB
Image
General
Full URL
https://towndock.net/img/15260.jpg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.138.18.205 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
sky.quiettide.com
Software
Apache /
Resource Hash
324db6d9c509b4d7940d66e5b630c70e240d1c397ebe41a7058163ac2fadeab2

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:55 GMT
last-modified
Tue, 08 Oct 2013 22:02:10 GMT
server
Apache
vary
User-Agent
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
56976
expires
Sat, 28 Dec 2019 15:46:55 GMT

Redirect headers

Location
https://towndock.net/img/15260.jpg
Date
Thu, 28 Nov 2019 15:46:54 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=300
Content-Length
242
Content-Type
text/html; charset=iso-8859-1
750x750bb.jpeg
is5-ssl.mzstatic.com/image/thumb/Purple113/v4/dd/1e/48/dd1e4853-9594-a30b-60eb-afdb542e9d50/pr_source.png/
38 KB
38 KB
Image
General
Full URL
https://is5-ssl.mzstatic.com/image/thumb/Purple113/v4/dd/1e/48/dd1e4853-9594-a30b-60eb-afdb542e9d50/pr_source.png/750x750bb.jpeg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:64:5a8::2a1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
8a4310362f02b89e0c675dc1423629d75d46f911529e6855b5e0026d707900e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-apple-jingle-correlation-key
J4OV36AUFJ4UYKXQUWLFJIO7
strict-transport-security
max-age=31536000; includeSubDomains
x-cache-remote
TCP_HIT from a2-16-181-69.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
x-daiquiri-instance
daiquiri:35887001:pv50p00it-hyhk12043701:7987:19P12
status
200
date
Thu, 28 Nov 2019 15:46:54 GMT
last-modified
Thu, 28 Nov 2019 15:46:02 GMT
x-cache
TCP_MISS from a2-20-132-18.deploy.akamaitechnologies.com (AkamaiGHost/9.8.5.1.1-27758809) (-)
content-length
38625
cache-control
no-transform, max-age=14000937
apple-tk
false
server
daiquiri/3.0.0
apple-seq
0.0
etag
"EJ56X1Zgd7PilgsKYCQCIQ=="
apple-originating-system
AIImageService
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
x-apple-request-uuid
4f1d5df8-142a-794c-2af0-a59654a1df
maxresdefault.jpg
i.ytimg.com/vi/yOLJbQ7bmZs/
154 KB
154 KB
Image
General
Full URL
https://i.ytimg.com/vi/yOLJbQ7bmZs/maxresdefault.jpg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
65d503426efb79b53addf6ca49e080cb69f548cfbee1e4de760fb3b9e217bff9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:17 GMT
x-content-type-options
nosniff
server
sffe
age
37
etag
"0"
content-type
image/jpeg
status
200
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
157202
x-xss-protection
0
expires
Thu, 28 Nov 2019 17:46:17 GMT
scam-alert-website.jpg
www.myfcb.bank/uploads/userfiles/files/images/
222 KB
222 KB
Image
General
Full URL
https://www.myfcb.bank/uploads/userfiles/files/images/scam-alert-website.jpg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
216.81.193.95 , United States, ASN11320 (LIGHTEDGE-AS-02 - LightEdge Solutions, US),
Reverse DNS
ip95.city.ames.ia.us
Software
Microsoft-IIS/10.0 /
Resource Hash
b7f45d80c2f043ea7c16452a17a0f9f53524b954b8e872fd46bec789589f2f33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 Jun 2019 21:10:17 GMT
server
Microsoft-IIS/10.0
x-frame-options
sameorigin
p3p
Our site does not have a P3P Policy, please see our privacy policy for more information.
status
200
cache-control
max-age=7776000
accept-ranges
bytes
content-type
image/jpeg
content-length
227166
x-xss-protection
1; mode=block
x-ua-compatible
IE=Edge
NjJXu3qD-lb-l3J6VBesh2CoUYNvjWx2rmrrnz4QKeFjcXndqGbq-W8f1Zbsq7nldw
lh3.googleusercontent.com/
11 KB
11 KB
Image
General
Full URL
https://lh3.googleusercontent.com/NjJXu3qD-lb-l3J6VBesh2CoUYNvjWx2rmrrnz4QKeFjcXndqGbq-W8f1Zbsq7nldw
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
fife /
Resource Hash
0a812819e4b2862095f346c4716f06eb22dd50143267b1398e1a839bc1b5b137
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:17 GMT
x-content-type-options
nosniff
age
37
status
200
content-disposition
inline;filename="unnamed.png"
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
11632
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 29 Nov 2019 15:46:17 GMT
images
encrypted-tbn0.gstatic.com/
5 KB
6 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRe7--41z0vwnqtAGE-ZjIp8XJ5K89dBX2fJ11SViRfVzW53-4E
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
e03ddb2c2f562fd5043aa2a7976ffe2492e99b860df6ea9b27c148b24a4031ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 25 May 2017 09:01:49 GMT
server
sffe
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
5363
x-xss-protection
0
expires
Fri, 27 Nov 2020 15:46:54 GMT
lock.png
20.laiser.co/assets/images/
18 KB
18 KB
Image
General
Full URL
http://20.laiser.co/assets/images/lock.png
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
144.202.4.237 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
144.202.4.237.vultr.com
Software
nginx /
Resource Hash
590f387b0eb98f9507c0697fc62872b8f4047201e2daa1c4dd3169fdc5614d43

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
Last-Modified
Thu, 20 Dec 2018 23:11:18 GMT
Server
nginx
ETag
"4614-57d7c3f7b1180"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17940
5792189822_d7ea42d18a_n.jpg
farm6.staticflickr.com/5061/
20 KB
21 KB
Image
General
Full URL
https://farm6.staticflickr.com/5061/5792189822_d7ea42d18a_n.jpg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:5400:0:5a51:64c9:c681 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Jubilee /
Resource Hash
9a1425856341c4d319c650074e3b5736d687fd511c131529253a869b7be90d5c
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

age
1705876
surrogate-control
public, max-age=31536000
status
200
edge-control
public, max-age=31536000
x-ttfb
0.1771
imagewidth
320
x-ttdb-l
20120
ourvalues
Grow Together (#1 of 5)
etag
"f5aef969ab9dbc15d01669b5b9a1e48e.1"
x-frame-options
DENY
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
imageheight
250
cache-control
public, max-age=31536000
hiring
Change the world of photography with us. https://www.flickr.com/jobs/
expires
Thu, 17 Sep 2020 21:05:03 GMT
date
Wed, 18 Sep 2019 21:05:03 GMT
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
mib
2
x-amz-cf-pop
FRA2-C2
x-env
a=live, b=jubilee, c=ec58e149, e=0b2ff86, f=abd3513
x-cache
Hit from cloudfront
p3p
CP="This is not a P3P policy. We respect your privacy."
streaming
false
powered-by
Mutation/1.0
x-request-id
55956350
x-ua-compatible
IE=edge
last-modified
Tue, 14 May 2019 06:32:25 GMT
server
Jubilee
quote
"I'm not a kid anymore, I'm one of you, one of the X-Men. It means more to me than anything in the world."
origintype
X
x-amz-cf-id
1kRdyYNr9r0gkuvgkMi8PyxIka83uuWEJnoegnqsMaUvJPAiRWetKw==
jquery-3.3.1.slim.min.js
code.jquery.com/
68 KB
24 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://20.laiser.co/first-citizens-bank-check.html
Origin
http://20.laiser.co

Response headers

Date
Thu, 28 Nov 2019 15:46:54 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Jan 2018 17:26:44 GMT
Server
nginx
ETag
W/"5a637bd4-1111d"
Vary
Accept-Encoding
X-HW
1574956014.dop149.fr8.shc,1574956014.dop149.fr8.t,1574956014.cds124.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
24038
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4104 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://20.laiser.co/first-citizens-bank-check.html
Origin
http://20.laiser.co

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
content-encoding
br
cf-cache-status
HIT
age
19589938
cf-ray
53cd7a30eb75cba0-VIE
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:26:22 GMT
server
cloudflare
etag
W/"5afd4abe-4f71"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 17 Nov 2020 15:46:54 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.009
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/
50 KB
14 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
/
Resource Hash
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://20.laiser.co/first-citizens-bank-check.html
Origin
http://20.laiser.co

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
content-encoding
gzip
last-modified
Wed, 12 Dec 2018 18:33:54 GMT
access-control-allow-origin
*
etag
"1544639634"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
status
200
cache-control
public, max-age=31536000
x-hello-human
Say hello back! @getBootstrapCDN on Twitter
accept-ranges
bytes
timing-allow-origin
*
content-length
14090
js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
1f730c8b78091c3479abc2fb805b9093138f05acd0de421b8da96389cbbb9668

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:40:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 14:12:12 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-139234964"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4761
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4525
X-Request-ID
67797256
images
encrypted-tbn0.gstatic.com/
7 KB
7 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcS_DJP4oklz9zFUZxZb3bBxiL2CIV0-hZRZDzi4IqcDRx5DZVcc
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7fb772526a664f8c46be3ba44e4523c2c2f833003a21c3b4c045dc7fd9889bb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Aug 2019 03:35:06 GMT
server
sffe
access-control-allow-origin
*
content-type
image/png
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7026
x-xss-protection
0
expires
Fri, 27 Nov 2020 15:46:54 GMT
images
encrypted-tbn0.gstatic.com/
11 KB
11 KB
Image
General
Full URL
https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRa_PvsCaR1FqebufyiANhywBYnT5mwpA-SlEBTPRg0CKR-z7gVIg
Requested by
Host: 20.laiser.co
URL: http://20.laiser.co/first-citizens-bank-check.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
eca9025b5feea511d032665a90fde254807cd9895b928804bdfe697c09c24f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 28 Nov 2019 15:46:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 02 Oct 2017 10:42:44 GMT
server
sffe
access-control-allow-origin
*
content-type
image/jpeg
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10931
x-xss-protection
0
expires
Fri, 27 Nov 2020 15:46:54 GMT
0.php
s4.histats.com/stats/
51 B
322 B
Script
General
Full URL
http://s4.histats.com/stats/0.php?4245400&@f16&@g1&@h1&@i1&@j1574956014780&@k0&@l1&@mFirst%20Citizens%20Bank%20Check%20%7C%20Wiring%20Schematic%20Diagram%20-%2020.laiser.co&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:175963404&@b3:1574956015&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttp%3A%2F%2F20.laiser.co%2Ffirst-citizens-bank-check.html&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Server
192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
63d885447e4be3c0e748e13a6ca125cf6991cf6d41bba26d9a9d629f63c4094b

Request headers

Referer
http://20.laiser.co/first-citizens-bank-check.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 28 Nov 2019 15:46:55 GMT
Connection
close
Content-Length
51
Content-Type
text/html;charset=UTF-8

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Banking (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
function| Popper
object| bootstrap
object| _Hasync
function| chfh
function| chfh2
string| _HST_cntval
object| Histats
object| _HistatsCounterGraphics_0_setValues

7 Cookies

Domain/Path | Name | Value
20.laiser.co/ | HstCnv4245400 | 1
20.laiser.co/ | HstCns4245400 | 1
20.laiser.co/ | HstPt4245400 | 1
20.laiser.co/ | HstCla4245400 | 1574956014780
20.laiser.co/ | HstPn4245400 | 1
20.laiser.co/ | HstCmu4245400 | 1574956014780
20.laiser.co/ | HstCfa4245400 | 1574956014780

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
