fifthy3bank.dd-dns.de Open in urlscan Pro
45.92.124.67 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://fifthy3bank.dd-dns.de/53b/main.php
Submission: On December 10 via automatic, source openphish (December 10th 2021, 1:09:22 pm UTC) — Scanned from DE

Summary HTTP 181 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 25 domains to perform 181 HTTP transactions. The main IP is 45.92.124.67, located in Los Angeles, United States and belongs to DEDIPATH-LLC, US. The main domain is fifthy3bank.dd-dns.de.

This is the only time fifthy3bank.dd-dns.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fifth Third Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
37	45.92.124.67 45.92.124.67	35913 (DEDIPATH-LLC) (DEDIPATH-LLC)
23	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
15	185.32.241.65 185.32.241.65	30286 (THM) (THM)
1 7	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
7	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 3	54.194.29.148 54.194.29.148	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	54.154.165.122 54.154.165.122	16509 (AMAZON-02) (AMAZON-02)
23	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2.16.186.56 2.16.186.56	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	93.184.220.66 93.184.220.66	15133 (EDGECAST) (EDGECAST)
1 3	142.0.160.57 142.0.160.57	7160 (NETDYNAMICS) (NETDYNAMICS)
3 5	142.0.173.134 142.0.173.134	7160 (NETDYNAMICS) (NETDYNAMICS)
2	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1 3	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
181	31

37 45.92.124.67 (Los Angeles, United States)

ASN35913 (DEDIPATH-LLC, US)

fifthy3bank.dd-dns.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.32.241.65 (United States)

ASN30286 (THM, US)

event.evtm.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 184.30.24.121 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:2b0::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.194.29.148 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-29-148.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.165.122 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-165-122.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.56 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-56.deploy.static.akamaitechnologies.com

fast.fifththird.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.42.5 (United States) 2 redirects

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.0.160.57 (Ashburn, United States) 1 redirects

ASN7160 (NETDYNAMICS, US)
PTR: mail01.academic.hbsp.harvard.edu

eloqua.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.0.173.134 (United States) 3 redirects

ASN7160 (NETDYNAMICS, US)

contactforms.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

3z5dc3wisox5ovnkutawgdvxshpqhzlamb3ztcjx59dd31f17d1a4f85am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

tms.53.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	dd-dns.de fifthy3bank.dd-dns.de	711 KB
25	53.com 4 redirects event.evtm.53.com eloqua.53.com contactforms.53.com tms.53.com	143 KB
23	google.de www.google.de	2 KB
23	google.com www.google.com	2 KB
23	doubleclick.net googleads.g.doubleclick.net	26 KB
12	googletagmanager.com www.googletagmanager.com	462 KB
7	adobedtm.com assets.adobedtm.com	158 KB
7	twitter.com analytics.twitter.com platform.twitter.com syndication.twitter.com	208 KB
6	addthis.com 1 redirects s7.addthis.com m.addthis.com	243 KB
4	online-metrix.net 1 redirects h.online-metrix.net 3z5dc3wisox5ovnkutawgdvxshpqhzlamb3ztcjx59dd31f17d1a4f85am1.e.aa.online-metrix.net	16 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	t.co 2 redirects t.co	2 KB
4	demdex.net 1 redirects dpm.demdex.net fast.fifththird.demdex.net	6 KB
2	googleadservices.com www.googleadservices.com	29 KB
2	everesttech.net 2 redirects cm.everesttech.net	772 B
2	mathtag.com 1 redirects pixel.mathtag.com	2 KB
2	facebook.net connect.facebook.net	37 KB
1	addthisedge.com v1.addthisedge.com	694 B
1	facebook.com www.facebook.com	407 B
1	moatads.com z.moatads.com	1 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	en25.com img.en25.com	3 KB
1	licdn.com snap.licdn.com	2 KB
1	ads-twitter.com static.ads-twitter.com	6 KB
1	googleapis.com fonts.googleapis.com	1 KB
181	25

	Domain	Requested by
37	fifthy3bank.dd-dns.de	fifthy3bank.dd-dns.de
23	www.google.de	fifthy3bank.dd-dns.de
23	www.google.com	fifthy3bank.dd-dns.de
23	googleads.g.doubleclick.net	fifthy3bank.dd-dns.de www.googleadservices.com
15	event.evtm.53.com	fifthy3bank.dd-dns.de event.evtm.53.com
12	www.googletagmanager.com	assets.adobedtm.com fifthy3bank.dd-dns.de
7	assets.adobedtm.com	fifthy3bank.dd-dns.de assets.adobedtm.com
5	contactforms.53.com	3 redirects fifthy3bank.dd-dns.de
5	s7.addthis.com	1 redirects fifthy3bank.dd-dns.de s7.addthis.com
4	t.co	2 redirects fifthy3bank.dd-dns.de
3	h.online-metrix.net	1 redirects event.evtm.53.com
3	eloqua.53.com	1 redirects fifthy3bank.dd-dns.de
3	dpm.demdex.net	1 redirects assets.adobedtm.com fifthy3bank.dd-dns.de
3	analytics.twitter.com	fifthy3bank.dd-dns.de static.ads-twitter.com
2	tms.53.com	assets.adobedtm.com
2	syndication.twitter.com	platform.twitter.com
2	platform.twitter.com	fifthy3bank.dd-dns.de
2	px.ads.linkedin.com	2 redirects
2	www.googleadservices.com	www.googletagmanager.com
2	cm.everesttech.net	2 redirects
2	pixel.mathtag.com	1 redirects fifthy3bank.dd-dns.de
2	connect.facebook.net	assets.adobedtm.com connect.facebook.net
1	3z5dc3wisox5ovnkutawgdvxshpqhzlamb3ztcjx59dd31f17d1a4f85am1.e.aa.online-metrix.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	www.facebook.com	fifthy3bank.dd-dns.de
1	z.moatads.com	s7.addthis.com
1	px4.ads.linkedin.com	fifthy3bank.dd-dns.de
1	www.linkedin.com	1 redirects
1	fast.fifththird.demdex.net	assets.adobedtm.com
1	fonts.gstatic.com	fonts.googleapis.com
1	img.en25.com	fifthy3bank.dd-dns.de
1	snap.licdn.com	assets.adobedtm.com
1	static.ads-twitter.com	assets.adobedtm.com
1	fonts.googleapis.com	fifthy3bank.dd-dns.de
181	35

This site contains links to these domains. Also see Links.

Domain
locations.53.com
express.53.com
onlinebanking.53.com
ir.53.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
evtm.53.com DigiCert Global CA G2	`2021-10-01` - `2022-08-31`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-18` - `2021-12-17`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh

This page contains 11 frames:

Primary Page: http://fifthy3bank.dd-dns.de/53b/main.php
Frame ID: 7BD46D251F0A54FF4D75EA099409B403
Requests: 156 HTTP requests in this frame

Frame: http://fast.fifththird.demdex.net/dest5.html?d_nsid=0
Frame ID: 2833D351BBA0F8B8CFF1EF1204D6CF84
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FB664C60896CA1DCED508433DEFA473D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.53.com
Frame ID: ABAE7E68F91F67F44E6348C794C5D69A
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Ffifthy3bank.dd-dns.de
Frame ID: 46100D6E68408687F1E07D77A690460B
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B1FCD890F992AB202AC9FDC63762D560
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 6F6C7C275BA22EE45CED1DE204A574FF
Requests: 1 HTTP requests in this frame

Frame: https://event.evtm.53.com/peOCYTutYmuxpUnV?e7222b18475462b7=FOW6D5uE1YvRaFCqlcoZszldDix-BjGwpSor61V-UTTSAon3nBOhNRPcdp0xI7yW_Ue9Q9q3QduDVkumTtY8TaVV77DABKQAaPYlS8LdBXDQasvJxAhZIKviKGs8ry6ZMgVA86zA3a26TE-P4QSwGgJPrcYkTYmDB-L1dOWRUl8Q04ZxTEkXd9ldMPwV2bBCvM7Y_SmHXgm1xniv&jb=3439242668716f77354c696e757026627b6f354e616c7570246a716275354368726d6f65266a71623f416870676d65253238393e
Frame ID: EA48ADFFF64E94BBB18D1C75DD9E8B3C
Requests: 13 HTTP requests in this frame

Frame: https://event.evtm.53.com/K_7Xytjq0HM8ULtk?aecae2f30dcf9935=iJHcBo1lLcXhf2OhYbFZ7YJnhe4cEzHlFNBuxVN7oNCVrpn8VY6auq6HgKbNwyf34AGSDjQ_a85Q8qGBmTPLW9IudPpsD0lvUod-W7s9F9LeXjzA2rkBybtyu5JVdZ4W1oS4DEQEPDApC3Ye68pXOc1RZvNlkxhV7vMSmoqtZcP_pUJ57Kj_UOXNaYDdBdKG_881uKw3R19c5P5yS9o
Frame ID: EE05279703F884E1A98B734A09179A3B
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/wNMpn9tF6km0BxE5?4e72fb6af72dd97d=YJxNLKoxFLWKkNgosPhKiAPWWlgiY49XdRJd-6rm-mwec6OQDq2WzL-1c62sjPLfcj_24MCvWkF4auVFzxBOqTUcVqgogYoO-pdV3dh73lyFJRDGlfjs2bLxEZXJKDdN2yHLUXQbSj4ZZ0q6OKLhigXuShPi9Q674mkwBpdXGh40H22hswBqFxHpPiEOr3N2awINfRYofWDB5by1d_XN
Frame ID: A6F7C14495C39B591A75F16B3DFE6B7A
Requests: 1 HTTP requests in this frame

Frame: https://event.evtm.53.com/OLnLjqoEoOxI9gyB?59f33da4e7830b92=AJvlXuxaJTI3EM2pTFiFGu-DPpkw0MJ1v9eqQHeo00VU1YVfO9fSbJVz2lRi4W0wzRmdv82c2bGx-S6LHCRSvLqAsyoDNJVxUDS45HqMhv0SJ0Zu-nhWAofqzisOA8DG2tsnJDgaURj_Fg8waffXmT-myNize8TKRXQVj9gs-ITfUjFUWiDfUvyIMvtnXYfDcgraSmiE_X_1xrVkyb44
Frame ID: F27FD6F2CE1ECF342FDD6D0334CA0EE5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Fifth Third Banking Login | Fifth Third Bank

Page Statistics

181
Requests

64 %
HTTPS

34 %
IPv6

25
Domains

35
Subdomains

31
IPs

5
Countries

2101 kB
Transfer

6751 kB
Size

25
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://locations.53.com/search.html
Title: Branch & ATM Locator

Search URL Search Domain Scan URL

URL: https://express.53.com/portal/auth/login/Login
Title: Go To Login

Search URL Search Domain Scan URL

URL: https://onlinebanking.53.com/ib/#/forgotUserId
Title: Forgot User ID

Search URL Search Domain Scan URL

URL: https://onlinebanking.53.com/ib/#/forgotPassword
Title: Forgot Password

Search URL Search Domain Scan URL

URL: https://onlinebanking.53.com/ib/#/newUser
Title: Register

Search URL Search Domain Scan URL

URL: https://ir.53.com/
Title: Investor Relations

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

http://s7.addthis.com/js/300/addthis_widget.js HTTP 308
https://s7.addthis.com/js/300/addthis_widget.js

Request Chain 60

http://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841 HTTP 302
https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841

Request Chain 61

http://cm.everesttech.net/cm/dd?d_uuid=26463477005895777260154293806083553498 HTTP 301
https://cm.everesttech.net/cm/dd?d_uuid=26463477005895777260154293806083553498 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YbNRewAAAFApvwP0 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YbNRewAAAFApvwP0

Request Chain 87

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e66c7c96-16a2-4530-b24b-577580fcdaad&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php HTTP 301
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e66c7c96-16a2-4530-b24b-577580fcdaad&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php

Request Chain 90

http://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

Request Chain 91

http://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

Request Chain 92

http://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c

Request Chain 93

http://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c

Request Chain 94

http://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c

Request Chain 95

http://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c

Request Chain 96

http://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c

Request Chain 97

http://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c

Request Chain 98

http://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c

Request Chain 99

http://www.googletagmanager.com/gtag/js?id=AW-986790419&l=dataLayer&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-986790419&l=dataLayer&cx=c

Request Chain 100

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1227018%26time%3D1639141755124%26url%3Dhttp%253A%252F%252Ffifthy3bank.dd-dns.de%252F53b%252Fmain.php%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&liSync=true&e_ipv6=AQJcPKqRgK3xkgAAAX2kdkrcpEXU8LG2vFsb_M2Z45EnNfhXNvyLWctVPP3aorAsR98rfdqeEg

Request Chain 138

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=123&optin=disabled&firstPartyCookieDomain=contactforms.53.com HTTP 301
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=123&optin=disabled&firstPartyCookieDomain=contactforms.53.com

Request Chain 155

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=567&optin=disabled&firstPartyCookieDomain=eloqua.53.com HTTP 302
http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=3ECDA84FB8BA471EA1DD828E9292A565

Request Chain 156

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&firstPartyCookieDomain=contactforms.53.com HTTP 301
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&firstPartyCookieDomain=contactforms.53.com HTTP 302
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=DF8E5976FD0A490EA7D7392655D0C884

Request Chain 160

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e62463f3-0ed5-4c32-a972-da5eea9a6c8c&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php HTTP 301
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e62463f3-0ed5-4c32-a972-da5eea9a6c8c&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php

Request Chain 165

https://h.online-metrix.net/Cu3ZykG1bbiKdV-b?bfe02648af979330=uAKWQcokrc27rR_PIWGuKlv3bt4rEoGk9pXGdSqe_tQM0LNwTVRNzI33QFWZudeW5tYepheR6JdPHZ145n6n352dVNF0pGJZc37mVktgX-67P1PU3FaBqzIthUQjZiddbyCRFxiwfZ7Bl1vZ4JYR9Iq0YUGn03xDb0iWJTtS3wgbR7k HTTP 302
https://h.online-metrix.net/Cu3ZykG1bbiKdV-b?0505674ac27c4450=uAKWQcokrc27rR_PIWGuKlv3bt4rEoGk9pXGdSqe_tQM0LNwTVRNzI33QFWZudeW5tYepheR6JdPHZ145n6n352dVNF0pGJZc37mVktgX-67P1PU3FaBqzIthUQjZiddbyCRF_cFHucnB12BFnY_R8BuAx8&k=2

181 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request main.php Show response
fifthy3bank.dd-dns.de/53b/ 140 KB
30 KB 364ms
352ms Document
text/html 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a9fd4ba40b13c1a2f3d2fea53a2b79f8d86ca352abce9c1a3b11f2a30e55962

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 30474
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H/1.1 200
OK clientlib-style.1cebb4c25d6a006184c9b14cdf505b28.css
fifthy3bank.dd-dns.de/53b/assets/css/ 232 KB
33 KB 339ms
333ms Stylesheet
text/css 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-style.1cebb4c25d6a006184c9b14cdf505b28.css
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: da05272cfbacbac3445b00f7ebd20209a37375ada8a73bd7d4d4d9b4703d1562

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:17 GMT
Server: nginx
ETag: W/"61b22f55-3a1b0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
fifthy3bank.dd-dns.de/53b/assets/css/ 8 KB
2 KB 316ms
310ms Stylesheet
text/css 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 95e07b9ed10bad5fc15c9e4eb80c3a5a5a53d45203a8225685ca2f53334b5903

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:15 GMT
Server: nginx
ETag: W/"61b22f53-20fb"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgets.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 96 KB
29 KB 344ms
338ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/widgets.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:53 GMT
Server: nginx
ETag: W/"61b22f79-180cb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK elqCfg.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 6 KB
3 KB 168ms
168ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/elqCfg.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:37 GMT
Server: nginx
ETag: W/"61b22f69-17c0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK insight.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 5 KB
2 KB 161ms
160ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/insight.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:41 GMT
Server: nginx
ETag: W/"61b22f6d-124c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK init.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 564 B
703 B 344ms
339ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/init.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 109cf1f166ba1e18734ca4a1d07e758e9d08abfab979578ffd0390c489c383ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:40 GMT
Server: nginx
ETag: W/"61b22f6c-234"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK launch-EN819648af9c424f3b9bbb22ae68c6cb6a.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 517 KB
119 KB 331ms
326ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/launch-EN819648af9c424f3b9bbb22ae68c6cb6a.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e59ff6d845fb5f4fec874d19ae9dc040d68ea904198f60f9be4a635d4557903

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:45 GMT
Server: nginx
ETag: W/"61b22f71-813a1"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK AppMeasurement.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 33 KB
12 KB 160ms
159ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/AppMeasurement.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:34 GMT
Server: nginx
ETag: W/"61b22f66-826c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 3 KB
2 KB 160ms
160ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:34 GMT
Server: nginx
ETag: W/"61b22f66-cfb"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK AppMeasurement_Module_AudienceManagement.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 25 KB
9 KB 162ms
158ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:35 GMT
Server: nginx
ETag: W/"61b22f67-621b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK js.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 97 KB
38 KB 180ms
179ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/js.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 86e965b9f26217bb2e3337078aa8a8c08525e5593b551103f8f07fbd94b8ce1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:43 GMT
Server: nginx
ETag: W/"61b22f6f-184a8"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK uwt.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 14 KB
6 KB 160ms
159ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/uwt.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:52 GMT
Server: nginx
ETag: W/"61b22f78-3847"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1221502774554360 Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 39 KB
39 KB 205ms
205ms Script
text/plain 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/1221502774554360
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5820701d2c6ea1d9f83589701f95b8a2a0cf8e0863df93e4b9f762d847802f4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Last-Modified: Thu, 09 Dec 2021 16:31:32 GMT
Server: nginx
ETag: "9ae7-5d2b923aea0e0"
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 39655

GET
H/1.1 200
OK fbevents.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 98 KB
26 KB 166ms
166ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/fbevents.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:38 GMT
Server: nginx
ETag: W/"61b22f6a-189e5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK js2.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 97 KB
38 KB 165ms
164ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/js2.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ce1514e912b03e453dd2502e2506aed7a3650c57824c32b8f00a85489752ca9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:43 GMT
Server: nginx
ETag: W/"61b22f6f-184be"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK RCaac05d6061834e998c7762867e58c1f4-source.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 1 KB
956 B 159ms
159ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/RCaac05d6061834e998c7762867e58c1f4-source.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ed0a8568bc221ab9f5e766d6ef0c858ad327477cc0c5d0b6ed376392bb282d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:51 GMT
Server: nginx
ETag: W/"61b22f77-584"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK RC610020f9feb9444981811dd2ff136847-source.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 943 B
925 B 167ms
167ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/RC610020f9feb9444981811dd2ff136847-source.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: d18e1269d9c3bbb350e0c4b3d317af40b6f3c490bddae1f51a7590ff05070e24

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:49 GMT
Server: nginx
ETag: W/"61b22f75-3af"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK RC2fbb197127024365b804821684503738-source.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 941 B
919 B 168ms
168ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/RC2fbb197127024365b804821684503738-source.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 24613ebd1ed486e6d2e16092efea69dccf252bf0e2b6c8d8cee50a57effefb92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:48 GMT
Server: nginx
ETag: W/"61b22f74-3ad"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/983180037/ 2 KB
1 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983180037/?random=1638177567833&cv=9&fst=1638177567833&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba6e6298ad6a706fead44c5814e90d4b64995ac17bf3701ebc4811aab0fa0ecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK layers.fa6cd1947ce26e890d3d.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 263 KB
74 KB 173ms
173ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/layers.fa6cd1947ce26e890d3d.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:46 GMT
Server: nginx
ETag: W/"61b22f72-41cf5"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/787644850/ 2 KB
1 KB 48ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787644850/?random=1638177568101&cv=9&fst=1638177568101&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa313fbb7800e7f314c2bbf6d4ec6d04bc8df2300a1942a45c3f6ca8b079fde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/725123364/ 2 KB
1 KB 56ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725123364/?random=1638177568263&cv=9&fst=1638177568263&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4796a2cac7d1487b34f25bc12aa7165ca6db2bc924e6e294fdbc628529c479eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1066
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/847447334/ 2 KB
1 KB 49ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/847447334/?random=1638177568270&cv=9&fst=1638177568270&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e593de471c67078e3f80049b8e514de4832e0632fec30bf357eb471b9fe322ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/783154456/ 2 KB
2 KB 46ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783154456/?random=1638177568359&cv=9&fst=1638177568359&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f77ecc5523f17169fadad242178930545222a8407684f723bf11720db2d7d071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854346853/ 2 KB
1 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854346853/?random=1638177568500&cv=9&fst=1638177568500&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bef20a9abe7e27e636a8749e26835c1d2d44c4348a03375fdabdc4d734c1c3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
1 KB 52ms
28ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1638177568508&cv=9&fst=1638177568508&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19595146664c6bd9e77d1b736b74e29c98b4ea3ef6a22d46bccc632db663d9d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/936762750/ 2 KB
1 KB 49ms
25ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936762750/?random=1638177569206&cv=9&fst=1638177569206&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&tc=x&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d610c4681a07ce57229a1b3828dc374c73f5684bb07f3c877a655442843d38b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854356612/ 2 KB
1 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854356612/?random=1638177569211&cv=9&fst=1638177569211&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

301ae2f691b032302fca758b0bd2fda59d2ffa8ae380c78ed5acf94a9139210b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1069
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
1 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1638177569442&cv=9&fst=1638177569442&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3bcb0fe2fa0acc39d13fda1ac377383e36da9d4d47e1ce66798e367fb6f8df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986790419/ 2 KB
1 KB 49ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986790419/?random=1638177569604&cv=9&fst=1638177569604&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c4511e693b55cd1cd794d7b8787e65a64a5ca004e00d9852aaf369061198490

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cuv00xe2ueakgfy8.js Show response
event.evtm.53.com/ 80 KB
11 KB 69ms
16ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/cuv00xe2ueakgfy8.js?6oxxz9y8a4w6l138=3z5dc3wi&8ntd16i21dvki75h=aa24f757-55a0-4880-b975-30fe490ee67e

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b31863c3bc951f946401fd3fcdffdcccb3947d74ecff37cd6b192d33692ff10b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK logo.svg
fifthy3bank.dd-dns.de/53b/assets/js/ 5 KB
2 KB 303ms
159ms Image
image/svg+xml 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/logo.svg
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:47 GMT
Server: nginx
ETag: W/"61b22f73-130b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1440x565-ftblue-other.jpg
fifthy3bank.dd-dns.de/53b/assets/img/ 64 KB
65 KB 167ms
167ms Image
image/jpeg 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/img/1440x565-ftblue-other.jpg
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: a41032b705f624b9e188124f35ffa60061fb90257f32e532f80fb51e109c8fae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Last-Modified: Thu, 09 Dec 2021 16:31:20 GMT
Server: nginx
ETag: "61b22f58-10157"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 65879
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK equal_housing_logo.png
fifthy3bank.dd-dns.de/53b/assets/img/ 3 KB
3 KB 170ms
170ms Image
image/png 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/img/equal_housing_logo.png
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: c9874fdc3addc2b1da577088ec110c30e79e6afd4e89a20ac6ecff47cf1b3f45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:16 GMT
Last-Modified: Thu, 09 Dec 2021 16:31:26 GMT
Server: nginx
ETag: "61b22f5e-ac6"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=60
Content-Length: 2758
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK patternlab.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 402 KB
114 KB 208ms
208ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/patternlab.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 61c857f49daf5027a73cc384e5e75d01e0b9123a7e77792ab282026f451f6ed9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:50 GMT
Server: nginx
ETag: W/"61b22f76-64602"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cms.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 25 KB
6 KB 162ms
161ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/cms.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 9604dbabba22c1d2ef244a1b76ec794b0fdb510dcfe6b6b7fee3b300e4e25e65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:37 GMT
Server: nginx
ETag: W/"61b22f69-624e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK loadLogonScript.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 1 KB
824 B 158ms
157ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/loadLogonScript.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: b4831187612ef74589b40199fa2014e002128688eaaf14ebc9d8efa2085ec6f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:46 GMT
Server: nginx
ETag: W/"61b22f72-42b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

addthis_widget.js Show response
s7.addthis.com/js/300/
Redirect Chain

http://s7.addthis.com/js/300/addthis_widget.js
https://s7.addthis.com/js/300/addthis_widget.js

353 KB
114 KB

27ms
10ms

Script
application/javascript

184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 10 Dec 2021 13:09:15 GMT
x-host: s7.addthis.com
content-length: 116325

Redirect headers

Date: Fri, 10 Dec 2021 13:09:14 GMT
Server: nginx/1.15.8
X-Distribution: 99
Content-Type: text/html
Location: https://s7.addthis.com/js/300/addthis_widget.js
X-Host: s7.addthis.com
Connection: keep-alive
Content-Length: 171

GET
H/1.1 200
OK jquery.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 85 KB
30 KB 174ms
172ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/jquery.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:41 GMT
Server: nginx
ETag: W/"61b22f6d-1538f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK hogan-3.0.1.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 20 KB
6 KB 161ms
159ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/hogan-3.0.1.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8852250970301a870d0a14722a7fda66b2a74bbb65bf2b7b3fe80dc8d8434ee6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:40 GMT
Server: nginx
ETag: W/"61b22f6c-505b"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ba-hashchange.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 2 KB
1 KB 160ms
157ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/ba-hashchange.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 506ff5c4d37c218c9e2581ae7e7bd9bb94e1fbb2a3d7b5584f332966fa003981

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:36 GMT
Server: nginx
ETag: W/"61b22f68-9f7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK autocomplete.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 16 KB
4 KB 158ms
158ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/autocomplete.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f6a2708bb08039d7670a428ddc421f27ed1d6e2fdca03c59001f56f4791e07a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:35 GMT
Server: nginx
ETag: W/"61b22f67-401f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK moveScripts.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 750 B
750 B 158ms
158ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/moveScripts.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1777f023a61ea16a4888e9baa951d81736426c5b880fca946f9d37d0eb2cffae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:47 GMT
Server: nginx
ETag: W/"61b22f73-2ee"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK slick.min.js Show response
fifthy3bank.dd-dns.de/53b/assets/js/ 42 KB
10 KB 169ms
169ms Script
application/javascript 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/js/slick.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:51 GMT
Server: nginx
ETag: W/"61b22f77-a76f"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK autocomplete.css
fifthy3bank.dd-dns.de/53b/assets/css/ 3 KB
2 KB 158ms
158ms Stylesheet
text/css 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/css/autocomplete.css
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6c2ab9f3416084bd3ecb445e18b4b253f6acba1ee5014e829b22c7cf1a9e8082

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:15 GMT
Server: nginx
ETag: W/"61b22f53-d8c"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK search.css
fifthy3bank.dd-dns.de/53b/assets/css/ 3 KB
1 KB 158ms
158ms Stylesheet
text/css 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/css/search.css
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: d8f31d35029afd740d78227a50d3e2120c53aaea0ba50e654dd1598c9d385a44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:31:16 GMT
Server: nginx
ETag: W/"61b22f54-bd2"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found kWGsB
fifthy3bank.dd-dns.de/TRWNcpZcXcihe/qJiKUI/q97ljdss/DauDpkG4w5wu/AB5YVy8/PzlbTlU/ 0
0 158ms
158ms Script
text/html 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/TRWNcpZcXcihe/qJiKUI/q97ljdss/DauDpkG4w5wu/AB5YVy8/PzlbTlU/kWGsB
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/53b/main.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:27:47 GMT
Server: nginx
ETag: W/"59e-5d2b91637acea"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
675 B 147ms
123ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=c47aa975-6dc1-4073-94d7-1159de9d6365&tw_document_href=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Fri, 10 Dec 2021 13:09:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e978c2fc6448f43f9398803b0f0dc2726493d3992f53e378b75b17cd8a15f174
x-transaction: 08dfea1a9586d680
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 38ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

66219bc99ac30a346552ced8a3a2739c915b441219cfd9cf3dbef943cf7ca7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:29:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 10 Dec 2021 13:09:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Dec 2021 13:09:14 GMT

GET
H/1.1 200
OK launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js Show response
assets.adobedtm.com/ 568 KB
133 KB 26ms
9ms Script
application/x-javascript 2a02:26f0:6c00:2b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/assets/js/init.js
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:2b0::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 775b6027a5c93e42bd0effcb8392749d26ffcd3ab6ac1248ad63d547eed87702

Request headers

Referer: http://fifthy3bank.dd-dns.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Dec 2021 07:03:03 GMT
Server: AkamaiNetStorage
ETag: "f25781396fc2a886db72c35fab2cf6c3:1639119783.901044"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: http://fifthy3bank.dd-dns.de
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 135197
Expires: Fri, 10 Dec 2021 13:09:14 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 832 B
1 KB 78ms
59ms XHR
application/json 54.194.29.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id?d_visid_ver=4.5.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=CBBDCBC1557213FE7F000101%40AdobeOrg&d_nsid=0&ts=1639141754769
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: HTTP/1.1
Server: 54.194.29.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-29-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 553cf2b2c5bbfeb7e378225e222b998c89f8944e1a4accdeeaeb93cc933ca5bd

Request headers

Referer: http://fifthy3bank.dd-dns.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v020-005beffd3.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
content-encoding: gzip
X-TID: A2pVkea3SaU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://fifthy3bank.dd-dns.de
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 467
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 33 KB
12 KB 50ms
13ms Script
application/x-javascript 2a02:26f0:6c00:2b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "41f1b46329a6056c0f2c993498eda989:1591133412.019903"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://fifthy3bank.dd-dns.de
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12161
expires: Fri, 10 Dec 2021 14:09:15 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 3 KB
2 KB 52ms
16ms Script
application/x-javascript 2a02:26f0:6c00:2b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "e9aa55ef8b40a205f86b54789b37de5c:1591133412.323749"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://fifthy3bank.dd-dns.de
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1607
expires: Fri, 10 Dec 2021 14:09:15 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/ 25 KB
9 KB 16ms
15ms Script
application/x-javascript 2a02:26f0:6c00:2b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Jun 2020 21:30:12 GMT
server: AkamaiNetStorage
etag: "7324535d27629ca693bad7fd0da315ea:1591133412.560246"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://fifthy3bank.dd-dns.de
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8764
expires: Fri, 10 Dec 2021 14:09:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 47ms
20ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-983180037

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54acf44ac22fcdc569ddb2a9bc8de353551769ac3ce80ca291038b7f17b58175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39624
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 14 KB
6 KB 29ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 23:58:10 GMT
etag: "8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 5410
x-served-by: cache-iad-kjyo7100040-IAD, cache-hhn11542-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: FhFsEPTYAsdQwmpI3+ACmPsLGYntkRPHfI6SyzfzLfyBoxgNtu7aLSGoXaEsQas6gmwq5e0tUIPycudIms5uFA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 10 Dec 2021 13:09:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 47ms
13ms Script
application/x-javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=24274
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 40ms
33ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://img.en25.com/i/elqCfg.min.js

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

HTTP/1.1

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Thu, 14 Oct 2021 00:58:49 GMT
ETag: "28352a696c0d71:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 10 Dec 2021 13:09:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-965699254

Requested by

Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0e998b79c439d1f7ab12e02239bfbd000f001d2df4e22fee6010fbb2ce69fee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39620
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

GET
H/1.1

200
OK

js
pixel.mathtag.com/event/
Redirect Chain

http://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841
https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841

2 KB
2 KB

108ms
65ms

Image
text/javascript

2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x26 config:1.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x26 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2068
Expires: Fri, 10 Dec 2021 13:09:14 GMT

Redirect headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Server: MT3 4133 baa842e master zrh-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/js?mt_id=1475743&mt_adid=236841
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Fri, 10 Dec 2021 13:09:14 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

http://cm.everesttech.net/cm/dd?d_uuid=26463477005895777260154293806083553498
https://cm.everesttech.net/cm/dd?d_uuid=26463477005895777260154293806083553498
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YbNRewAAAFApvwP0
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YbNRewAAAFApvwP0

42 B
943 B

36ms
36ms

Image
image/gif

54.194.29.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YbNRewAAAFApvwP0

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

HTTP/1.1

Server

54.194.29.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-29-148.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v020-0de17d954.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: pxZKjrzWS60=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v020-0f00592e7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 7TTqBod/QmE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=YbNRewAAAFApvwP0
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 /
www.google.com/pagead/1p-user-list/983180037/ 42 B
548 B 43ms
20ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/983180037/?random=1638177567833&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3273027549&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/983180037/ 42 B
548 B 47ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/983180037/?random=1638177567833&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3273027549&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/787644850/ 42 B
108 B 24ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/787644850/?random=1638177568101&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1195764185&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/787644850/ 42 B
108 B 30ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/787644850/?random=1638177568101&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1195764185&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/725123364/ 42 B
108 B 26ms
25ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725123364/?random=1638177568263&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=895020786&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/725123364/ 42 B
108 B 25ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725123364/?random=1638177568263&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=895020786&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/847447334/ 42 B
108 B 27ms
25ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/847447334/?random=1638177568270&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1320846052&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/847447334/ 42 B
108 B 22ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/847447334/?random=1638177568270&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1320846052&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/783154456/ 42 B
108 B 24ms
23ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/783154456/?random=1638177568359&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=4239355014&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/783154456/ 42 B
108 B 29ms
27ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/783154456/?random=1638177568359&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=4239355014&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/854346853/ 42 B
108 B 31ms
29ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854346853/?random=1638177568500&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3613635602&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/854346853/ 42 B
108 B 25ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854346853/?random=1638177568500&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3613635602&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
108 B 25ms
24ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1638177568508&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3731738775&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
108 B 25ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1638177568508&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3731738775&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/936762750/ 42 B
108 B 24ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936762750/?random=1638177569206&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=351671080&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/936762750/ 42 B
108 B 23ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/936762750/?random=1638177569206&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=351671080&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/854356612/ 42 B
108 B 29ms
28ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854356612/?random=1638177569211&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3304587780&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/854356612/ 42 B
108 B 28ms
26ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854356612/?random=1638177569211&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3304587780&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
108 B 29ms
27ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1638177569442&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1056605457&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
108 B 28ms
26ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1638177569442&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1056605457&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/986790419/ 42 B
108 B 27ms
26ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986790419/?random=1638177569604&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=232040781&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/986790419/ 42 B
108 B 24ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/986790419/?random=1638177569604&cv=9&fst=1638176400000&num=1&bg=ffffff&guid=ON&u_h=768&u_w=1366&u_ah=728&u_aw=1366&u_cd=24&u_his=1&u_tz=60&u_java=false&u_nplug=5&u_nmime=2&gtm=2oaba1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.53.com%2Fcontent%2Ffifth-third%2Fen%2Flogin.html&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=232040781&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,400i,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://fifthy3bank.dd-dns.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 219281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 08 Dec 2022 00:14:34 GMT

GET
H/1.1 200
OK dest5.html Show response
fast.fifththird.demdex.net/ Frame 2833 7 KB
3 KB 71ms
34ms Document
text/html 2.16.186.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.fifththird.demdex.net/dest5.html?d_nsid=0
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: HTTP/1.1
Server: 2.16.186.56 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-56.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

Accept-Ranges: bytes
Content-Type: text/html
ETag: "2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified: Mon, 03 Feb 2020 17:27:06 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=21600
Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Length: 2785
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"

GET
H/1.1 404
Not Found icomoon.woff
fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts/resources/fonts/ 0
0 322ms
198ms Font
text/html 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts/resources/fonts/icomoon.woff
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Origin: http://fifthy3bank.dd-dns.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:27:47 GMT
Server: nginx
ETag: W/"59e-5d2b91637acea"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e...
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=...

43 B
470 B

135ms
119ms

Image
image/gif

104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e66c7c96-16a2-4530-b24b-577580fcdaad&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 111
pragma: no-cache
last-modified: Fri, 10 Dec 2021 13:09:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d90109a1062e9ddf8ee7ea35c18832e0286ced194fbca31b51d2dd4cd6194bc1
x-transaction: 4b354d86fd01d75f
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

location: https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e66c7c96-16a2-4530-b24b-577580fcdaad&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php
x-response-time: 101
date: Fri, 10 Dec 2021 13:09:15 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: 1c64059aaad7ce728604f8681bfe5a92174fd94fbff922afd514a8b0c24e308d
content-length: 0

GET
H2 200 1221502774554360 Show response
connect.facebook.net/signals/config/ 39 KB
11 KB 127ms
126ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1221502774554360?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5820701d2c6ea1d9f83589701f95b8a2a0cf8e0863df93e4b9f762d847802f4b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: y60VhX7gKvaMkco2wNJrYykLw4VX+HU4v0sFz14/q7bX3zBWaCR4qTLbu9BoEKx9DHyLoFY33NdVjmViqRnMLg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 10 Dec 2021 13:09:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 44ms
22ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-983180037

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
report-to: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="gfe-default_product_name"
expires: Fri, 10 Dec 2021 13:09:15 GMT

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

97 KB
39 KB

37ms
22ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eed94919f09f2a30d158ed179fd50b254b9de9f4308c0a6f4d56fdc6eca5b772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39606
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

97 KB
39 KB

23ms
17ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80d53371b8cec4269dff56af1fd925d5c4526f439c1486deac4638843a1c987d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39622
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-725123364&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c

97 KB
39 KB

31ms
25ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e46f09e4cdcb6a35643984a7ad25ecc0fabd104a72579b178e52f37bbfe744fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39622
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-847447334&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c

97 KB
39 KB

18ms
18ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fa00164e19262e90668757616138491f3e7b115560f9f5a3a94f492d687e062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39624
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-783154456&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c

97 KB
39 KB

20ms
20ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59e9fa449b0fe2121725214975e4d34d7bcbd70ee180170fd9b061758fd5589d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39623
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-854346853&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c

97 KB
39 KB

16ms
16ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63f8d1cac7f399a5a8a89ed7c50b79980fd978583e819dfbd38f0387f10aa967

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39624
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-965699254&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c

87 KB
35 KB

21ms
20ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

24f1c50f677ebcf116acbf443d212b471940ff2a470edfd849af35e3d2079fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35948
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-6268884&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c

97 KB
39 KB

22ms
21ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b156d531175d53cffe1d5c8599caa26ca42051c1904c23ee06c91629ab2cb235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39604
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-936762750&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c

97 KB
39 KB

17ms
17ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

169a75d30b77848d35b92d488dc6f5803faef1a4312c5c87310e5dd9e4362616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39622
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-854356612&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-986790419&l=dataLayer&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-986790419&l=dataLayer&cx=c

97 KB
39 KB

24ms
23ms

Script
application/javascript

2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986790419&l=dataLayer&cx=c

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dfa2e93cf9ea5f54c1ed62c92ae20d7b51915297584273e1f85a116ffb0ddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39625
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Dec 2021 13:09:15 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-986790419&l=dataLayer&cx=c
Non-Authoritative-Reason: HSTS

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1227018%26time%3D1639141755124%26url%3Dhttp%253A%252F%252Ffifthy3bank.dd-dns.de%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&liSync=true&e_ipv6=AQJcPKqRgK3xkgAAAX2kdkrcpEXU8LG2vFsb_M2Z45E...

0
156 B

313ms
114ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&liSync=true&e_ipv6=AQJcPKqRgK3xkgAAAX2kdkrcpEXU8LG2vFsb_M2Z45EnNfhXNvyLWctVPP3aorAsR98rfdqeEg
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: PW8KEr5mvxZA3Q86XysAAA==

Redirect headers

date: Fri, 10 Dec 2021 13:09:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 42F99191ED3846C4AF31B6D522B13B11 Ref B: FRAEDGE0710 Ref C: 2021-12-10T13:09:15Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1227018&time=1639141755124&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&liSync=true&e_ipv6=AQJcPKqRgK3xkgAAAX2kdkrcpEXU8LG2vFsb_M2Z45EnNfhXNvyLWctVPP3aorAsR98rfdqeEg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXSym4UQZJe1KSMotNDMQ==

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/983180037/ 2 KB
1 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/983180037/?random=1639141755202&cv=9&fst=1639141755202&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

918b44fc55bb578b68e2197ca0d8cfeec08b81af04196324d3dddc6f919f0c40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 60ms
18ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=54323
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame FB66 71 KB
26 KB 15ms
14ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 10 Dec 2021 13:09:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 29ms
18ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=AW-787644850&l=dataLayer&cx=c

Protocol

HTTP/1.1

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 14328
X-XSS-Protection: 0
Server: cafe
ETag: 12503521247758841375
Vary: Accept-Encoding
Report-To: {"group":"gfe-default_product_name","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/default_product_name"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="gfe-default_product_name"
Expires: Fri, 10 Dec 2021 13:09:15 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 25ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1221502774554360&ev=PageView&dl=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&rl=&if=false&ts=1639141755309&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=28&fbp=fb.2.1639141755308.1177647960&it=1639141755079&coo=false&rqm=GET

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 10 Dec 2021 13:09:15 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/983180037/ 42 B
64 B 38ms
21ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/983180037/?random=1639141755202&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=6926971&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/983180037/ 42 B
64 B 37ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/983180037/?random=1639141755202&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=6926971&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found icomoon.ttf
fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts/resources/fonts/ 0
0 238ms
206ms Font
text/html 45.92.124.67
DEDIPATH-LLC

General

Check archive.org

Show headers Download Go to

Full URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts/resources/fonts/icomoon.ttf
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Protocol: HTTP/1.1
Server: 45.92.124.67 Los Angeles, United States, ASN35913 (DEDIPATH-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Origin: http://fifthy3bank.dd-dns.de
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Dec 2021 16:27:47 GMT
Server: nginx
ETag: W/"59e-5d2b91637acea"
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1639141755356&cv=9&fst=1639141755356&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a38f7847e4e8a9ae63faa1aa9f91638d30edb02ee770d641eb66123c06f4369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/787644850/ 2 KB
1 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787644850/?random=1639141755358&cv=9&fst=1639141755358&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c5c8223f14e72a1aa6022c02f7fd7b657807fe49a98dd74a7a7292c6e199cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/847447334/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/847447334/?random=1639141755363&cv=9&fst=1639141755363&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59743210ae7110b75ac1665a31cdf6b6312c5db2603a1d7789cb5fbcaa8dcb8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/783154456/ 2 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/783154456/?random=1639141755365&cv=9&fst=1639141755365&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f7bda4ef3edb7a05e6d498eedc5698fa1f7a071f8845a4f92dd4077e91ca5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854346853/ 2 KB
1 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854346853/?random=1639141755368&cv=9&fst=1639141755368&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ff7802837aa40d9e7b1edb61061edf90abc17820944a1f24a2edbd14d0afd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/725123364/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/725123364/?random=1639141755371&cv=9&fst=1639141755371&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0da0dffa26ab94cf886df224d77408fba36150168331a17b9fc2068561c258ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1639141755427&cv=9&fst=1639141755427&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5b162f113556f5377c27c751e0df2d855f94b99156ba3d05f515cc814979c0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/ 2 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/965699254/?random=1639141755428&cv=9&fst=1639141755428&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a026d1ab731d46c09678f0a76a5ac8a19c879f5cb5bbcc84faa0be2f3b215a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/936762750/ 2 KB
1 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/936762750/?random=1639141755436&cv=9&fst=1639141755436&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4655867c481e5717a210ef7e1b40cd5cb244082e37e2a762a34b42982016df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1058
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/854356612/ 2 KB
1 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/854356612/?random=1639141755438&cv=9&fst=1639141755438&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5b7c3454e28e6d9aab3b2580be6b56e337540c0b56bcc847984282be325f8c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986790419/ 2 KB
1 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986790419/?random=1639141755441&cv=9&fst=1639141755441&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf6b36839eae51e7c105734ca4762a5009c2d0121593e485c70daaf824bb1f94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/847447334/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/847447334/?random=1639141755363&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=2293293394&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/847447334/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/847447334/?random=1639141755363&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=2293293394&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/783154456/ 42 B
64 B 21ms
21ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/783154456/?random=1639141755365&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=282631258&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/783154456/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/783154456/?random=1639141755365&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=282631258&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/725123364/ 42 B
64 B 27ms
26ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/725123364/?random=1639141755371&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1680635583&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/725123364/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/725123364/?random=1639141755371&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1680635583&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1639141755356&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=995220412&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1639141755356&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=995220412&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/787644850/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/787644850/?random=1639141755358&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=927983612&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/787644850/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/787644850/?random=1639141755358&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=927983612&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/854346853/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854346853/?random=1639141755368&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3558539480&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/854346853/ 42 B
64 B 24ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854346853/?random=1639141755368&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3558539480&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 42ms
42ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1639141755428&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=683738107&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1639141755428&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=683738107&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/965699254/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/965699254/?random=1639141755427&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1341480349&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/965699254/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/965699254/?random=1639141755427&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=1341480349&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame ABAE 319 KB
103 KB 33ms
9ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.53.com
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 60170
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Dec 2021 13:09:15 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H/1.1 200
OK svrGP
eloqua.53.com/visitor/v200/ 49 B
375 B 236ms
208ms Image
image/gif 142.0.160.57
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=123&optin=disabled&firstPartyCookieDomain=eloqua.53.com

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

HTTP/1.1

Server

142.0.160.57 Ashburn, United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

mail01.academic.hbsp.harvard.edu

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:15 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

svrGP
contactforms.53.com/visitor/v200/
Redirect Chain

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=123&optin=disabled&firstPartyCookieDomain=contactforms.53.com
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=123&optin=disabled&firstPartyCookieDomain=contactforms.53.com

49 B
375 B

478ms
158ms

Image
image/gif

142.0.173.134
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=123&optin=disabled&firstPartyCookieDomain=contactforms.53.com

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

HTTP/1.1

Server

142.0.173.134 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:15 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:15 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=123&optin=disabled&firstPartyCookieDomain=contactforms.53.com
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 289
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 RCaac05d6061834e998c7762867e58c1f4-source.min.js Show response
assets.adobedtm.com/cadf1530cead/3d6f9db110e0/dd4f0e7fc55f/ 1 KB
837 B 14ms
13ms Script
application/x-javascript 2a02:26f0:6c00:2b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cadf1530cead/3d6f9db110e0/dd4f0e7fc55f/RCaac05d6061834e998c7762867e58c1f4-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c62e30ed4b6c1bce8e6dcfa821bdf17bd9d87951465c344f69d00f74d0c54dea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 07:03:04 GMT
server: AkamaiNetStorage
etag: "b1fc6c9aa4791fe2c00f8af133840757:1639119784.704232"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://fifthy3bank.dd-dns.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 568
expires: Fri, 10 Dec 2021 14:09:15 GMT

GET
H2 200 RC610020f9feb9444981811dd2ff136847-source.min.js Show response
assets.adobedtm.com/cadf1530cead/3d6f9db110e0/dd4f0e7fc55f/ 943 B
804 B 16ms
15ms Script
application/x-javascript 2a02:26f0:6c00:2b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cadf1530cead/3d6f9db110e0/dd4f0e7fc55f/RC610020f9feb9444981811dd2ff136847-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b832df9c5e122a9a4c2b093445350f15892dd55a40679e401fe840a641d1740b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 07:03:04 GMT
server: AkamaiNetStorage
etag: "b1fc6c9aa4791fe2c00f8af133840757:1639119784.704232"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://fifthy3bank.dd-dns.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 535
expires: Fri, 10 Dec 2021 14:09:15 GMT

GET
H2 200 RC2fbb197127024365b804821684503738-source.min.js Show response
assets.adobedtm.com/cadf1530cead/3d6f9db110e0/dd4f0e7fc55f/ 941 B
799 B 20ms
19ms Script
application/x-javascript 2a02:26f0:6c00:2b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/cadf1530cead/3d6f9db110e0/dd4f0e7fc55f/RC2fbb197127024365b804821684503738-source.min.js
Requested by: Host: assets.adobedtm.com
URL: http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 8bb7cc6eaa94772436e168ef44471e9436490efff53bc38e83a6f359659663e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 07:03:04 GMT
server: AkamaiNetStorage
etag: "b1fc6c9aa4791fe2c00f8af133840757:1639119784.704232"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: http://fifthy3bank.dd-dns.de
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 530
expires: Fri, 10 Dec 2021 14:09:15 GMT

GET
H/1.1 200
OK widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html Show response
platform.twitter.com/widgets/ Frame 4610 319 KB
103 KB 33ms
8ms Document
text/html 93.184.220.66
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Ffifthy3bank.dd-dns.de
Requested by: Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/assets/js/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6711) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 60170
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 10 Dec 2021 13:09:15 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Mon, 18 Oct 2021 18:32:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6711)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
117 B 122ms
120ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e66c7c96-16a2-4530-b24b-577580fcdaad&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Fri, 10 Dec 2021 13:09:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e978c2fc6448f43f9398803b0f0dc2726493d3992f53e378b75b17cd8a15f174
x-transaction: 7fd4a32e74285356
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-57fbbf0f65d1f6cb/ 1 KB
694 B 35ms
29ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-57fbbf0f65d1f6cb/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5acfc48a41239342182d717cae97a3f2eeaadc65de5197a453d9c22916a6d2e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
etag: 823650384--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=13, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 519

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 203ms
200ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61b3517b7bebe05c&bkl=0&bl=1&pdt=1236&sid=61b3517b7bebe05c&pub=ra-57fbbf0f65d1f6cb&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.53.com&fp=content%2Ffifth-third%2Fen%2Flogin.html&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1639141755526&jsl=8193&uvs=61b3517bb34efe8a000&skipb=1&callback=addthis.cbs.jsonp__65187522593108430
Requested by: Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2dd0d2db54bb7f42ad5821d166f14aa1d495e714daef94a26ba8d7776ff7b2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B1FC 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 6F6C 71 KB
26 KB 66ms
65ms Document
text/html 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 10 Dec 2021 13:09:15 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 /
www.google.com/pagead/1p-user-list/936762750/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/936762750/?random=1639141755436&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3379804499&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/936762750/ 42 B
64 B 23ms
23ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/936762750/?random=1639141755436&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=3379804499&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/854356612/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/854356612/?random=1639141755438&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=942525384&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/854356612/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/854356612/?random=1639141755438&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=942525384&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/986790419/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986790419/?random=1639141755441&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=2709023054&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/986790419/ 42 B
64 B 25ms
24ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/986790419/?random=1639141755441&cv=9&fst=1639141200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tiba=Fifth%20Third%20Banking%20Login%20%7C%20Fifth%20Third%20Bank&async=1&fmt=3&is_vtc=1&random=2709023054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Dec 2021 13:09:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 29ms
28ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: http://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Fri, 10 Dec 2021 13:09:15 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H/1.1

200
OK

svrGP
eloqua.53.com/visitor/v200/
Redirect Chain

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=567&optin=disabled&firstPartyCookieDomain=eloqua.53.com
http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=3ECDA84FB8BA471EA1DD828E9292A565

49 B
495 B

171ms
170ms

Image
image/gif

142.0.160.57
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=3ECDA84FB8BA471EA1DD828E9292A565

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

HTTP/1.1

Server

142.0.160.57 Ashburn, United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

mail01.academic.hbsp.harvard.edu

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:15 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:15 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: http://eloqua.53.com/visitor/v200/svrGP?pps=3&siteid=1240377118&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=3ECDA84FB8BA471EA1DD828E9292A565
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 289
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H/1.1

200
OK

svrGP
contactforms.53.com/visitor/v200/
Redirect Chain

http://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&firstPartyCookieDomain=contactforms.53.com
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&firstPartyCookieDomain=contactforms.53.com
https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=DF8E5976FD0A490EA7D7392655D0C884

49 B
495 B

350ms
350ms

Image
image/gif

142.0.173.134
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=DF8E5976FD0A490EA7D7392655D0C884

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

HTTP/1.1

Server

142.0.173.134 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:15 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:15 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://contactforms.53.com/visitor/v200/svrGP?pps=3&siteid=1165&ref2=elqNone&tzo=0&ms=567&optin=disabled&elq1pcGUID=DF8E5976FD0A490EA7D7392655D0C884
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 290
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 settings Show response
syndication.twitter.com/ Frame ABAE 232 B
207 B 143ms
119ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=aefa2373002df308a2057b46e9c46c439a555fdb

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.53.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 112
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 13:09:15 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2786ef57310174c83704f38b9d45a9a24abffd966e1afafa25d9200a7fb31687
content-length: 166

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 4610 232 B
448 B 121ms
114ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=634c536bbb0efeaa6d2ddd95c9a6c0b144e2a5b9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=http%3A%2F%2Ffifthy3bank.dd-dns.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 106
date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
last-modified: Fri, 10 Dec 2021 13:09:15 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 2786ef57310174c83704f38b9d45a9a24abffd966e1afafa25d9200a7fb31687
content-length: 166

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
117 B 115ms
115ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e62463f3-0ed5-4c32-a972-da5eea9a6c8c&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&tpx_cb=twttr.conversion.loadPixels

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/assets/js/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Fri, 10 Dec 2021 13:09:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e978c2fc6448f43f9398803b0f0dc2726493d3992f53e378b75b17cd8a15f174
x-transaction: dc7a3463e61e4dbf
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2

200

adsct
t.co/i/
Redirect Chain

http://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e...
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=...

43 B
170 B

114ms
114ms

Image
image/gif

104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e62463f3-0ed5-4c32-a972-da5eea9a6c8c&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php

Requested by

Host: fifthy3bank.dd-dns.de
URL: http://fifthy3bank.dd-dns.de/53b/main.php

Protocol

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:09:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 106
pragma: no-cache
last-modified: Fri, 10 Dec 2021 13:09:16 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d90109a1062e9ddf8ee7ea35c18832e0286ced194fbca31b51d2dd4cd6194bc1
x-transaction: 91e82dff57a73586
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

location: https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=ny99k&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=e62463f3-0ed5-4c32-a972-da5eea9a6c8c&tw_document_href=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php
x-response-time: 109
date: Fri, 10 Dec 2021 13:09:15 UTC
cache-control: no-cache, no-store, max-age=0
server: tsa_o
x-connection-hash: 1c64059aaad7ce728604f8681bfe5a92174fd94fbff922afd514a8b0c24e308d
content-length: 0

GET
H/1.1 200
OK peOCYTutYmuxpUnV Show response
event.evtm.53.com/ Frame EA48 516 KB
96 KB 48ms
23ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/peOCYTutYmuxpUnV?e7222b18475462b7=FOW6D5uE1YvRaFCqlcoZszldDix-BjGwpSor61V-UTTSAon3nBOhNRPcdp0xI7yW_Ue9Q9q3QduDVkumTtY8TaVV77DABKQAaPYlS8LdBXDQasvJxAhZIKviKGs8ry6ZMgVA86zA3a26TE-P4QSwGgJPrcYkTYmDB-L1dOWRUl8Q04ZxTEkXd9ldMPwV2bBCvM7Y_SmHXgm1xniv&jb=3439242668716f77354c696e757026627b6f354e616c7570246a716275354368726d6f65266a71623f416870676d65253238393e

Requested by

Host: event.evtm.53.com
URL: https://event.evtm.53.com/cuv00xe2ueakgfy8.js?6oxxz9y8a4w6l138=3z5dc3wi&8ntd16i21dvki75h=aa24f757-55a0-4880-b975-30fe490ee67e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0eddda78842f299fe37ae31c8cb538afe11810372ad415aac9bcaa29ed8c9c2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 59dd31f17d1a4f85
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dM2Tbl6QyWtoAcob
event.evtm.53.com/ Frame EA48 81 B
475 B 39ms
13ms Image
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://event.evtm.53.com/dM2Tbl6QyWtoAcob?fc351b3e77ff4d3a=EeSQyi5oBU637ZSW1i2WCPdOLl1v0kwaI-jQc5WBnVBDK2ptYRmsJeBvckgl2j4709G_Y6OmXIDQDOgI8RzCdC134sxNqOXRKDmtLWvRGaDRV5Lf1_9jBXRfI_Gown9ZsOjMoV8Nn5pX3gEWhOA_2yRjBTAZCpfy15oSWeY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 4Q28SmuQz88GInrQ
event.evtm.53.com/ Frame EA48 81 B
475 B 39ms
14ms Image
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://event.evtm.53.com/4Q28SmuQz88GInrQ?e2077f50f894264b=pZlFIFJ3CahbKqEQLwdhAgeA0wxb8gaWXmJtnNPmUWX2KaCr3-DVVpI0ryLaCTdOPTsTIavoaw1nWmf2kDegp3_xZyMGgxQrBMW1PZesjUCOtshTv4T6ThC5f2qPwipm5R49imKe0ABeRYJAcsnqtwO1a-6i7pT6foePwCM

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
event.evtm.53.com/fp/ Frame EA48 81 B
536 B 41ms
13ms XHR
image/png 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/fp/clear.png

Requested by

Host: event.evtm.53.com
URL: https://event.evtm.53.com/peOCYTutYmuxpUnV?e7222b18475462b7=FOW6D5uE1YvRaFCqlcoZszldDix-BjGwpSor61V-UTTSAon3nBOhNRPcdp0xI7yW_Ue9Q9q3QduDVkumTtY8TaVV77DABKQAaPYlS8LdBXDQasvJxAhZIKviKGs8ry6ZMgVA86zA3a26TE-P4QSwGgJPrcYkTYmDB-L1dOWRUl8Q04ZxTEkXd9ldMPwV2bBCvM7Y_SmHXgm1xniv&jb=3439242668716f77354c696e757026627b6f354e616c7570246a716275354368726d6f65266a71623f416870676d65253238393e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 3z5dc3wi/59dd31f17d1a4f85aa24f757-55a0-4880-b975-30fe490ee67e
Referer: http://fifthy3bank.dd-dns.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:16 GMT
Last-Modified: Fri, 10 Dec 2021 13:09:16 GMT
Server: Apache
Etag: a0362d86d4764746b778c009aa23da5c
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: http://fifthy3bank.dd-dns.de
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 09 Dec 2026 13:09:16 GMT

GET
H/1.1

204
No Content

Cu3ZykG1bbiKdV-b Show response
h.online-metrix.net/ Frame EA48
Redirect Chain

https://h.online-metrix.net/Cu3ZykG1bbiKdV-b?bfe02648af979330=uAKWQcokrc27rR_PIWGuKlv3bt4rEoGk9pXGdSqe_tQM0LNwTVRNzI33QFWZudeW5tYepheR6JdPHZ145n6n352dVNF0pGJZc37mVktgX-67P1PU3FaBqzIthUQjZiddbyCRFxi...
https://h.online-metrix.net/Cu3ZykG1bbiKdV-b?0505674ac27c4450=uAKWQcokrc27rR_PIWGuKlv3bt4rEoGk9pXGdSqe_tQM0LNwTVRNzI33QFWZudeW5tYepheR6JdPHZ145n6n352dVNF0pGJZc37mVktgX-67P1PU3FaBqzIthUQjZiddbyCRF_c...

0
387 B

14ms
13ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/Cu3ZykG1bbiKdV-b?0505674ac27c4450=uAKWQcokrc27rR_PIWGuKlv3bt4rEoGk9pXGdSqe_tQM0LNwTVRNzI33QFWZudeW5tYepheR6JdPHZ145n6n352dVNF0pGJZc37mVktgX-67P1PU3FaBqzIthUQjZiddbyCRF_cFHucnB12BFnY_R8BuAx8&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:17 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 10 Dec 2021 13:09:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/Cu3ZykG1bbiKdV-b?0505674ac27c4450=uAKWQcokrc27rR_PIWGuKlv3bt4rEoGk9pXGdSqe_tQM0LNwTVRNzI33QFWZudeW5tYepheR6JdPHZ145n6n352dVNF0pGJZc37mVktgX-67P1PU3FaBqzIthUQjZiddbyCRF_cFHucnB12BFnY_R8BuAx8&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Content-Length: 409

GET
H/1.1 200
OK K_7Xytjq0HM8ULtk Show response
event.evtm.53.com/ Frame EE05 82 KB
13 KB 16ms
16ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/K_7Xytjq0HM8ULtk?aecae2f30dcf9935=iJHcBo1lLcXhf2OhYbFZ7YJnhe4cEzHlFNBuxVN7oNCVrpn8VY6auq6HgKbNwyf34AGSDjQ_a85Q8qGBmTPLW9IudPpsD0lvUod-W7s9F9LeXjzA2rkBybtyu5JVdZ4W1oS4DEQEPDApC3Ye68pXOc1RZvNlkxhV7vMSmoqtZcP_pUJ57Kj_UOXNaYDdBdKG_881uKw3R19c5P5yS9o

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6c359e1447e5b43c71ba377ab5bd0f7ea50c91f66a27e7af15a44cb7c303c08b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

Date: Fri, 10 Dec 2021 13:09:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content iyzRtafqyY_PDkYY Show response
event.evtm.53.com/ Frame EA48 0
387 B 14ms
13ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK wNMpn9tF6km0BxE5 Show response
h.online-metrix.net/ Frame A6F7 95 KB
15 KB 36ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/wNMpn9tF6km0BxE5?4e72fb6af72dd97d=YJxNLKoxFLWKkNgosPhKiAPWWlgiY49XdRJd-6rm-mwec6OQDq2WzL-1c62sjPLfcj_24MCvWkF4auVFzxBOqTUcVqgogYoO-pdV3dh73lyFJRDGlfjs2bLxEZXJKDdN2yHLUXQbSj4ZZ0q6OKLhigXuShPi9Q674mkwBpdXGh40H22hswBqFxHpPiEOr3N2awINfRYofWDB5by1d_XN

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

1a7f3a11ac3347b2ed452eaffaef6d052acf349af53f152e97508798d8bbb688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

Date: Fri, 10 Dec 2021 13:09:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content iyzRtafqyY_PDkYY Show response
event.evtm.53.com/ Frame EA48 0
387 B 14ms
13ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:17 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK OLnLjqoEoOxI9gyB Show response
event.evtm.53.com/ Frame F27F 82 KB
12 KB 30ms
30ms Document
text/html 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/OLnLjqoEoOxI9gyB?59f33da4e7830b92=AJvlXuxaJTI3EM2pTFiFGu-DPpkw0MJ1v9eqQHeo00VU1YVfO9fSbJVz2lRi4W0wzRmdv82c2bGx-S6LHCRSvLqAsyoDNJVxUDS45HqMhv0SJ0Zu-nhWAofqzisOA8DG2tsnJDgaURj_Fg8waffXmT-myNize8TKRXQVj9gs-ITfUjFUWiDfUvyIMvtnXYfDcgraSmiE_X_1xrVkyb44

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

5a385ff485c53d5c6297693ac199fb9c138258d7968632acfae61c8cf0054675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/

Response headers

Date: Fri, 10 Dec 2021 13:09:17 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
204 iyzRtafqyY_PDkYY Show response
event.evtm.53.com/ Frame EA48 0
218 B 28ms
28ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/iyzRtafqyY_PDkYY?96a1cf8eb0923ee9=vf5dpUPm4apKFboLfDbXPcIyzp5wCt6noCvffbWlxin1oDDX7cgtN2U65W6Vjdu7X4uDM6KL5SqSdYqKzNYy2QYp9tPbTja-mNdH60EUoHrUV8cwW6qJJEAy2-15nkJZdwkfiYT01b9wHLHZPlrZ89Hvb7Q&ja=323032312424633f38267a3d302e66353936383270333238322663663d393630307a3332303024737a7b3d3270302664707a3d3924313e32382e313a32302e313638302c313032302c313430322e313038302c31363830243932383224322c38246d763d61303832616061646337356466646464316561383439313c3f303e6031633769246d6c3d342e7363643f3034266c6a3d6a7674722d334125324e253a4e6661647c6a793b60616c6b2e6c642d646c712e64652732443733602d32466d61616e26786878246c703d60767472253349253246273046666964746a7b3360696e6b2e646c2d6c667326666d27324e24706e3d332e70683d353a6632386361346063646a653131336a373b303769673866336a66623064342e68683d616666653030313137353a6e653964626e323c6b3130353d35363d33383661612e6a736f3f4e696e757a266871623f4b68726f6d6d253a38393e2462716f7d3f4c6b6e7570266a7360773d4368706f6f67266c60633d34267c7a6c35457c612d30465d6c6b6c6f7766266d61766a723d343230316631613a626563303a653e6b633d343832383a63643335353c303166663635383833343366366769613234646b393c69666a663f30333931313b36612e703d706e7767696e5d666e63736a5666616c736d217864756f6b665d77616c646d7773576d65646b635f706c637967705e64696c736521786c7d6f69665d69666f6a675f636372676261745c64616c736721726e7565616e5f71756163637c69656756646164716523706c7d67696e5d71686f6369776374655c6e616c73652970647d67616c577065696e706e61796d725e66636e736521726c7765696c57766c635f786c6971657a5c6e636c7b6721726c756f696e5f666776616c74725c64616e7b6521706c7d6761665f7b746f5d7661677767725e6e616c736723706c7565696c5d6a637e615e666164736d2e65703135603739323460313231333839663637363331636136353439383665333a666d6b366a643136313f6726656c5f6b3d776560656c576560474e273232392e302532382847786566454427323847532732303a2e302530324368726d6d6b776d2b5f6562474c2d32384f4c5b4e2d30304d512530303126302532322a4f70656c474e2732324d532532304f4c5b44253a324d51253a32312c30253a304368706d6d69756f2955676249617457656243697c2d3238556d604744434e454c4557696e7376636e6365665f6370726371732533422d32384d585c5d6a6e6566665f6f696e6561782531402532304758565d636d646f725f627d666e6d72576a696e6657646c6d61742d33422530324558545d666e6d617657626c656e6c253b4a253a324d5a5457647263675f6c6570746a273342253030475a545d7b686164657a5f7c6d787c777a675f646d642733422d3230455a565f74657a747770655d6b6f6d70726d737b616f665d6a72746b2733402532384558545d766578747772675d636d65707265737b6967665f7a657c61253b402530304550545f74677a747572675f646b6c766d725f616e6173677c7267726161253b40253030574d424b49565d4558545d74677a74777a655f666964746d7a5f696c61716f7c706f7269632d33422530324558545d73504542273b4225323043485a57706970696e6c6d6e5f7168616c65725f616d6d70696e65273142273a304f45535765646d6d6d6c7c5d696666657a5f75616e742531402532304d45515d6660675f72656e6c657a576d61726563702d31422732304745535f7176616e646372665d64677a6976617461766d7b253b402d30304747535d746570747572675d666c6f6374273142273a304f455357746d70747d706d5d66646d61765f6c616e6561702733422530304d47535d7c657874757a65576061646457646c6763742733422d32304f47515f74657a747770655d60616c665f6e6c676974576e616c656970253142253a304f45515d76657276657a5d61707a61795f6f6a6a6d6b742d314a273238554540474c57636f6c6d705f6275646667705f64646f6174253b422d3a305f474a454c57616f6f70726d737365665d746578767570675f637b746325334a253a38574d404f4e5f6b6d6d7272657b7365645d766578747772675d65766b253342253a305f4d424f4e57616f6572726773736d645f74677a747572675f677663332d3342253238574d4a47445d6b6d6d7870657173656c5f74657a767572655d73317663273b422532305f454a43495c5d5f47424f4e5f616f6d787265737167645f7467787677726757733374632d334a2d3238554d4047445d636d6d707a65737367665f74657a747770655d7b3374635f7b726f6a253b402d30305f4742454c5f6c656275655d72656e66657067725d616e666f253b422d3a305f474a454c5766657274685774657876777265253142273030554d424b495457574d4a47445d6c67707c6a5f7665787c757265273142253232574740474e576472617757627d6e666d707b27334a27323257454a474c5f6e6d73655f616f6c76657a7c253342253a305f4d42434b5c5d574d40474e5f6c6773655f616d6e74657a74273142273a305745424f4c5765756476615d647a63773336266f6c5f683f3262303533636360363030303134323d356b6d633a633f67353c64383562383c36643637373034652477656e763f416e74656c2d3238416e6b2c2e756764703d4b6e746d6c2532324b7269732732324d706766474c25323845666f6966672e61636c3f31&jb=313531266e733d4f677a696c6c69253a4e3526322d30302055696c646f7f732532324c5425323231322c30273b422532305f69663e342d314a2732387a363629253a304170726e655765604b6b7625304e3533372e3b362d3a30204940564d442732412532386c696b67273230476763696d29273a30436872676d6d2d324e3b3e2c3026363634342e3133253232516166617069273046373b372e3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:17 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK -D75Hdyiw-HCYK5F
3z5dc3wisox5ovnkutawgdvxshpqhzlamb3ztcjx59dd31f17d1a4f85am1.e.aa.online-metrix.net/ Frame EA48 81 B
438 B 71ms
14ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://3z5dc3wisox5ovnkutawgdvxshpqhzlamb3ztcjx59dd31f17d1a4f85am1.e.aa.online-metrix.net/-D75Hdyiw-HCYK5F?82725ff247779496=jUc7NvMsUHaWioAwlfO5FgounyQYKQXh5_4drArnIJsR7JmO-8KVkwARbIphmqobh2hY8i_CNo95wNa3KRtBDdQWkAAz4AhcPdHYp5rT1viVQzQTB3ObG05oEuz0dc3SL-_VliVuO6FzCZ0oO3jzFiyCG5YK2ElCKN5h

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:17 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content hw5JazxgZp2mV6eA Show response
event.evtm.53.com/ Frame EE05 0
387 B 18ms
16ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/hw5JazxgZp2mV6eA?99e87f96366c0969=V4MMrNrXTdMkWRisxKmzUiTARsn9lTWPjvih1kPC5T5UtIYTH3VMVyKx8tx4cq9OOhdz8NAYYQ54viaztHTgNgzxp-Ylgsr0ZZUeTuacrPX1u9XBDAjk6mkArdhA70CegJKyCKeDvKkkvFJXATtaVhT2Ax8&jf=3336246c71603d6338306663333e37316a3238363e36343063633766396e32353464616438313b

Requested by

Host: event.evtm.53.com
URL: https://event.evtm.53.com/K_7Xytjq0HM8ULtk?aecae2f30dcf9935=iJHcBo1lLcXhf2OhYbFZ7YJnhe4cEzHlFNBuxVN7oNCVrpn8VY6auq6HgKbNwyf34AGSDjQ_a85Q8qGBmTPLW9IudPpsD0lvUod-W7s9F9LeXjzA2rkBybtyu5JVdZ4W1oS4DEQEPDApC3Ye68pXOc1RZvNlkxhV7vMSmoqtZcP_pUJ57Kj_UOXNaYDdBdKG_881uKw3R19c5P5yS9o

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://event.evtm.53.com/K_7Xytjq0HM8ULtk?aecae2f30dcf9935=iJHcBo1lLcXhf2OhYbFZ7YJnhe4cEzHlFNBuxVN7oNCVrpn8VY6auq6HgKbNwyf34AGSDjQ_a85Q8qGBmTPLW9IudPpsD0lvUod-W7s9F9LeXjzA2rkBybtyu5JVdZ4W1oS4DEQEPDApC3Ye68pXOc1RZvNlkxhV7vMSmoqtZcP_pUJ57Kj_UOXNaYDdBdKG_881uKw3R19c5P5yS9o
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:17 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content iyzRtafqyY_PDkYY Show response
event.evtm.53.com/ Frame EA48 0
387 B 14ms
14ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Dec 2021 13:09:17 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK s29863800456152 Show response
tms.53.com/b/ss/fifththirdbankdev/10/JS-2.20.0-LBWB/ 630 B
1 KB 76ms
54ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://tms.53.com/b/ss/fifththirdbankdev/10/JS-2.20.0-LBWB/s29863800456152?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=10%2F11%2F2021%2013%3A9%3A17%205%200&d.&nsid=0&jsonv=1&.d&mid=26457397448911159160155954831912690856&aamlh=6&ce=UTF-8&pageName=fifth%20third%20bank%20%7C%2053b%20%7C%20main.php&g=fifthy3bank.dd-dns.de%2F53b%2Fmain.php&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v31=fifthy3bank.dd-dns.de%2F53b%2Fmain.php&c40=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&c64=1&v64=New&c65=4.0&c66=Cookies%20Not%20Supported&c67=%7Cundefined%7Cundefined&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=CBBDCBC1557213FE7F000101%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js

Protocol

HTTP/1.1

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

b94557f9f60a274e2162ebb4ba7222a5bc65856b60281d7b5f00ab3b225b86d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-aam-tid: i4P5WBGQS+A=
date: Fri, 10 Dec 2021 13:09:17 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 630
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v020-05033b576.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Sat, 11 Dec 2021 13:09:17 GMT
server: jag
xserver: anedge-6988cccb6f-9mpjw
etag: 3520030121037725696-4619926971138285931
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 09 Dec 2021 13:09:17 GMT

GET
H/1.1 200
OK s29153823583727 Show response
tms.53.com/b/ss/fifththirdbankdev/10/JS-2.20.0-LBWB/ 630 B
1 KB 39ms
38ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

http://tms.53.com/b/ss/fifththirdbankdev/10/JS-2.20.0-LBWB/s29153823583727?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=10%2F11%2F2021%2013%3A9%3A17%205%200&d.&nsid=0&jsonv=1&.d&mid=26457397448911159160155954831912690856&aamlh=6&ce=UTF-8&pageName=fifth%20third%20bank%20%7C%2053b%20%7C%20main.php&g=fifthy3bank.dd-dns.de%2F53b%2Fmain.php&cc=USD&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=fifth%20third%20bank%20%7C%2053b%20%7C%20main.php&v2=fifth%20third%20bank%20%7C%2053b%20%7C%20main.php&v16=%25AdobeEID%25&v31=fifthy3bank.dd-dns.de%2F53b%2Fmain.php&c40=http%3A%2F%2Ffifthy3bank.dd-dns.de%2F53b%2Fmain.php&v40=fifthy3bank.dd-dns.de%2F53b%2Fmain.php&c64=1&v64=New&c65=4.0&c66=Cookies%20Not%20Supported&c67=%7Cundefined%7Cundefined&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=CBBDCBC1557213FE7F000101%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EP7b1fa4581fb94dd0961a981af9997765/AppMeasurement.min.js

Protocol

HTTP/1.1

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

fae6d29aec604c1b07a218ebf53c916ddf41645142351425b409347d56ab30af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-aam-tid: k4Vt3k/FSII=
date: Fri, 10 Dec 2021 13:09:17 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 630
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v020-05f30c888.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Sat, 11 Dec 2021 13:09:17 GMT
server: jag
xserver: anedge-6988cccb6f-5sg6b
etag: 3520030121314713600-4619704017238437192
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 09 Dec 2021 13:09:17 GMT

GET
H/1.1 204
204 bRL683g5XwWw-7nR Show response
event.evtm.53.com/ Frame EA48 0
218 B 14ms
14ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://event.evtm.53.com/bRL683g5XwWw-7nR?024e4e5c674a17a4=9-vytBu_Ga3AtM0qxWU6MhImcNjHhLwsz1sw1BXyCqBHF5TVuG6z9BNh4WthqgSyFdWJX83ImONeaqphBeE_yRqSf3-qUm9VJBREXFZVbOrQwOlH8B3naaSRc9xQwbwark2nLrDM3TdtMZxcP6Ay65vXjWRVpvkGpXrxo6TJ4Q2ia2HzgHOGmiN2-xaoaxQI-PUWDDZa5J3DMKXZ_rI&jac=1&je=383424267265653f2d374225323a766d7a253a302d31413b27324125323a756e646764696e656630324d5056414f4e30253a322d3b412d374a64616471652732432d32324f5256494f4e2732302732413c253544253f44

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:18 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 bRL683g5XwWw-7nR Show response
event.evtm.53.com/ Frame EA48 0
218 B 15ms
14ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:20 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=93
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 204
204 bRL683g5XwWw-7nR Show response
event.evtm.53.com/ Frame EA48 0
218 B 14ms
14ms Script
text/javascript 185.32.241.65
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.32.241.65 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fifthy3bank.dd-dns.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 10 Dec 2021 13:09:21 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=92
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fifth Third Bank (Banking)

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
event.evtm.53.com/	1970-01-21 18:31:01	Name: thx_guid Value: 306c564766c04452964ffed8565d9234
.fifthy3bank.dd-dns.de/	1969-12-31 23:59:59	Name: AMCVS_CBBDCBC1557213FE7F000101%40AdobeOrg Value: 1
.fifthy3bank.dd-dns.de/	1970-01-20 01:28:37	Name: _gcl_au Value: 1.1.1376704615.1639141755
.twitter.com/	1970-01-20 16:50:13	Name: personalization_id Value: "v1_qK8ypXuQdBQKeQgOddunuw=="
.mathtag.com/	1970-01-20 08:44:56	Name: uuid Value: 17ea61b3-517b-4600-b3f2-33835e7d7a77
.doubleclick.net/	1970-01-20 08:40:37	Name: IDE Value: AHWqTUk-J_asVuCBB69siYMc-catgG-yd18HZX1J770guvBtLgjG3ZC_oxDGgGMs
.everesttech.net/	1970-01-20 08:04:37	Name: everest_g_v2 Value: g_surferid~YbNRewAAAFApvwP0
.fifthy3bank.dd-dns.de/	1970-01-20 01:28:37	Name: _fbp Value: fb.2.1639141755308.1177647960
.facebook.com/	1970-01-20 01:28:37	Name: fr Value: 0y2QJpPKAxaKKvyau..Bhs1F7...1.0.Bhs1F7.
.linkedin.com/	1970-01-20 00:02:13	Name: UserMatchHistory Value: AQJdf4-qFPB4sQAAAX2kdkm9aF4tTVGXN3f3g9KiAFkZvyBMaosCnQxqKr1QUsmuASN-veDwSiXmyA
.linkedin.com/	1970-01-20 00:02:13	Name: AnalyticsSyncHistory Value: AQLOultt1W2OhgAAAX2kdkm9m8Mk4I27TQOTPrAl_pJePoLIs550-xE8ftjRc1bYIsXN01Vkj1XnxE1QhodpZA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:50:55	Name: bcookie Value: "v=2&12fd0f1d-b73d-4e8c-8ff0-8252087bbc3e"
.linkedin.com/	1970-01-19 23:20:28	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2170:u=1:x=1:i=1639141755:t=1639228155:v=2:sig=AQGRDD-zdt5S4R3RbBFXvhPBKxsSPawY"
.demdex.net/	1970-01-20 03:38:13	Name: demdex Value: 30288111137228255411170323113026573151
.dpm.demdex.net/	1970-01-20 03:38:13	Name: dpm Value: 30288111137228255411170323113026573151
fifthy3bank.dd-dns.de/	1970-01-20 08:49:16	Name: __atuvc Value: 1%7C49
fifthy3bank.dd-dns.de/	1970-01-19 23:19:03	Name: __atuvs Value: 61b3517bb34efe8a000
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 16:50:55	Name: bscookie Value: "v=1&20211210130915c0c96269-6ea0-455c-8d15-211895dec096AQG48AC0fRQBNJ_fnhNx-K0xBgFElfpa"
.linkedin.com/	1970-01-20 16:49:19	Name: li_gc Value: MTswOzE2MzkxNDE3NTU7MjswMjHe4jtv6sGH8EL1eRwyhLHlxyI/xxvf3Q3PTxaayrXz8Q==
.fifthy3bank.dd-dns.de/	1970-01-20 16:50:13	Name: AMCV_CBBDCBC1557213FE7F000101%40AdobeOrg Value: -432600572%7CMCIDTS%7C18972%7CMCMID%7C26457397448911159160155954831912690856%7CMCAAMLH-1639746554%7C6%7CMCAAMB-1639746554%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1639148954s%7CNONE%7CMCSYNCSOP%7C411-18979%7CvVersion%7C4.5.2
.addthis.com/	1970-01-20 08:49:16	Name: uvc Value: 2%7C49
.addthis.com/	1970-01-20 08:49:16	Name: loc Value: MDAwMDBFVURFSEUyMjk3MTg4NjAwMzAwMDBDSA==
h.online-metrix.net/	1970-01-21 18:31:01	Name: thx_global_guid Value: abeef9023efc424fb0924feffaf6d4ef

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://fifthy3bank.dd-dns.de/53b/assets/js/init.js(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://fifthy3bank.dd-dns.de/53b/assets/js/init.js(Line 10) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://assets.adobedtm.com/launch-ENf0bbb7156e514ac9ac6520d4cb47577a-staging.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts/resources/fonts/icomoon.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html(Line 40) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.53.com') does not match the recipient window's origin ('http://fifthy3bank.dd-dns.de').
security	error	URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html(Line 40) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.53.com') does not match the recipient window's origin ('http://fifthy3bank.dd-dns.de').
security	error	URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html(Line 40) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.53.com') does not match the recipient window's origin ('http://fifthy3bank.dd-dns.de').
security	error	URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html(Line 40) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.53.com') does not match the recipient window's origin ('http://fifthy3bank.dd-dns.de').
network	error	URL: http://fifthy3bank.dd-dns.de/TRWNcpZcXcihe/qJiKUI/q97ljdss/DauDpkG4w5wu/AB5YVy8/PzlbTlU/kWGsB Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://fifthy3bank.dd-dns.de/53b/assets/css/clientlib-fonts/resources/fonts/icomoon.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://platform.twitter.com/widgets/widget_iframe.a53eecb4584348a2ad32ec2ae21f6eae.html?origin=https%3A%2F%2Fwww.53.com(Line 17) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.53.com') does not match the recipient window's origin ('http://fifthy3bank.dd-dns.de').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3z5dc3wisox5ovnkutawgdvxshpqhzlamb3ztcjx59dd31f17d1a4f85am1.e.aa.online-metrix.net
analytics.twitter.com
assets.adobedtm.com
cm.everesttech.net
connect.facebook.net
contactforms.53.com
dpm.demdex.net
eloqua.53.com
event.evtm.53.com
fast.fifththird.demdex.net
fifthy3bank.dd-dns.de
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.online-metrix.net
img.en25.com
m.addthis.com
pixel.mathtag.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
s7.addthis.com
snap.licdn.com
static.ads-twitter.com
syndication.twitter.com
t.co
tms.53.com
v1.addthisedge.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
z.moatads.com
s7.addthis.com
104.111.229.66
104.244.42.200
104.244.42.5
104.244.42.67
108.174.10.14
142.0.160.57
142.0.173.134
142.250.185.66
15.188.95.229
184.30.24.121
185.32.241.65
199.232.136.157
2.16.186.56
2.18.233.201
2.18.235.40
2620:1ec:21::14
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200a
2a02:26f0:6c00:2b0::1e80
2a02:26f0:6c00::210:ba20
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
45.92.124.67
54.154.165.122
54.194.29.148
91.235.132.130
91.235.134.131
93.184.220.66
00a57617df99ac957720b7332f9d15449def3ebe11169d68f12c47a3cde5168d
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0da0dffa26ab94cf886df224d77408fba36150168331a17b9fc2068561c258ac
0e998b79c439d1f7ab12e02239bfbd000f001d2df4e22fee6010fbb2ce69fee5
0eddda78842f299fe37ae31c8cb538afe11810372ad415aac9bcaa29ed8c9c2b
109cf1f166ba1e18734ca4a1d07e758e9d08abfab979578ffd0390c489c383ce
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
169a75d30b77848d35b92d488dc6f5803faef1a4312c5c87310e5dd9e4362616
1777f023a61ea16a4888e9baa951d81736426c5b880fca946f9d37d0eb2cffae
19595146664c6bd9e77d1b736b74e29c98b4ea3ef6a22d46bccc632db663d9d1
1a7f3a11ac3347b2ed452eaffaef6d052acf349af53f152e97508798d8bbb688
24613ebd1ed486e6d2e16092efea69dccf252bf0e2b6c8d8cee50a57effefb92
24f1c50f677ebcf116acbf443d212b471940ff2a470edfd849af35e3d2079fe0
2dd0d2db54bb7f42ad5821d166f14aa1d495e714daef94a26ba8d7776ff7b2b2
2dfa2e93cf9ea5f54c1ed62c92ae20d7b51915297584273e1f85a116ffb0ddab
2f6a2708bb08039d7670a428ddc421f27ed1d6e2fdca03c59001f56f4791e07a
301ae2f691b032302fca758b0bd2fda59d2ffa8ae380c78ed5acf94a9139210b
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
3a9fd4ba40b13c1a2f3d2fea53a2b79f8d86ca352abce9c1a3b11f2a30e55962
3bef20a9abe7e27e636a8749e26835c1d2d44c4348a03375fdabdc4d734c1c3b
414b33c761e7ba385e0bd403c1d0c1fe37978a956a3898309f17518b217025c8
4796a2cac7d1487b34f25bc12aa7165ca6db2bc924e6e294fdbc628529c479eb
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
506ff5c4d37c218c9e2581ae7e7bd9bb94e1fbb2a3d7b5584f332966fa003981
54acf44ac22fcdc569ddb2a9bc8de353551769ac3ce80ca291038b7f17b58175
553cf2b2c5bbfeb7e378225e222b998c89f8944e1a4accdeeaeb93cc933ca5bd
5820701d2c6ea1d9f83589701f95b8a2a0cf8e0863df93e4b9f762d847802f4b
59743210ae7110b75ac1665a31cdf6b6312c5db2603a1d7789cb5fbcaa8dcb8e
59e9fa449b0fe2121725214975e4d34d7bcbd70ee180170fd9b061758fd5589d
5a385ff485c53d5c6297693ac199fb9c138258d7968632acfae61c8cf0054675
5acfc48a41239342182d717cae97a3f2eeaadc65de5197a453d9c22916a6d2e8
5b7c3454e28e6d9aab3b2580be6b56e337540c0b56bcc847984282be325f8c95
5ed0a8568bc221ab9f5e766d6ef0c858ad327477cc0c5d0b6ed376392bb282d3
5ff7802837aa40d9e7b1edb61061edf90abc17820944a1f24a2edbd14d0afd16
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3
61c857f49daf5027a73cc384e5e75d01e0b9123a7e77792ab282026f451f6ed9
63f8d1cac7f399a5a8a89ed7c50b79980fd978583e819dfbd38f0387f10aa967
66219bc99ac30a346552ced8a3a2739c915b441219cfd9cf3dbef943cf7ca7bf
6c2ab9f3416084bd3ecb445e18b4b253f6acba1ee5014e829b22c7cf1a9e8082
6c359e1447e5b43c71ba377ab5bd0f7ea50c91f66a27e7af15a44cb7c303c08b
6ce1514e912b03e453dd2502e2506aed7a3650c57824c32b8f00a85489752ca9
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
775b6027a5c93e42bd0effcb8392749d26ffcd3ab6ac1248ad63d547eed87702
7a38f7847e4e8a9ae63faa1aa9f91638d30edb02ee770d641eb66123c06f4369
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80d53371b8cec4269dff56af1fd925d5c4526f439c1486deac4638843a1c987d
86e965b9f26217bb2e3337078aa8a8c08525e5593b551103f8f07fbd94b8ce1e
8852250970301a870d0a14722a7fda66b2a74bbb65bf2b7b3fe80dc8d8434ee6
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bb7cc6eaa94772436e168ef44471e9436490efff53bc38e83a6f359659663e1
8c4511e693b55cd1cd794d7b8787e65a64a5ca004e00d9852aaf369061198490
8fa00164e19262e90668757616138491f3e7b115560f9f5a3a94f492d687e062
918b44fc55bb578b68e2197ca0d8cfeec08b81af04196324d3dddc6f919f0c40
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
95e07b9ed10bad5fc15c9e4eb80c3a5a5a53d45203a8225685ca2f53334b5903
9604dbabba22c1d2ef244a1b76ec794b0fdb510dcfe6b6b7fee3b300e4e25e65
9c5c8223f14e72a1aa6022c02f7fd7b657807fe49a98dd74a7a7292c6e199cdc
9cc56307a599f98aca4e3fedeba9b46a424244e8257a64f0e9700f7d90cf2834
9e59ff6d845fb5f4fec874d19ae9dc040d68ea904198f60f9be4a635d4557903
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a026d1ab731d46c09678f0a76a5ac8a19c879f5cb5bbcc84faa0be2f3b215a34
a41032b705f624b9e188124f35ffa60061fb90257f32e532f80fb51e109c8fae
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b156d531175d53cffe1d5c8599caa26ca42051c1904c23ee06c91629ab2cb235
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b31863c3bc951f946401fd3fcdffdcccb3947d74ecff37cd6b192d33692ff10b
b4831187612ef74589b40199fa2014e002128688eaaf14ebc9d8efa2085ec6f5
b832df9c5e122a9a4c2b093445350f15892dd55a40679e401fe840a641d1740b
b94557f9f60a274e2162ebb4ba7222a5bc65856b60281d7b5f00ab3b225b86d0
ba6e6298ad6a706fead44c5814e90d4b64995ac17bf3701ebc4811aab0fa0ecb
c4f7bda4ef3edb7a05e6d498eedc5698fa1f7a071f8845a4f92dd4077e91ca5f
c5b162f113556f5377c27c751e0df2d855f94b99156ba3d05f515cc814979c0b
c62e30ed4b6c1bce8e6dcfa821bdf17bd9d87951465c344f69d00f74d0c54dea
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c92295bd1bd22a2460a97272741c3ef8753884a1a370ad862753cc16e6d94e85
c9874fdc3addc2b1da577088ec110c30e79e6afd4e89a20ac6ecff47cf1b3f45
cf6b36839eae51e7c105734ca4762a5009c2d0121593e485c70daaf824bb1f94
d18e1269d9c3bbb350e0c4b3d317af40b6f3c490bddae1f51a7590ff05070e24
d610c4681a07ce57229a1b3828dc374c73f5684bb07f3c877a655442843d38b5
d8f31d35029afd740d78227a50d3e2120c53aaea0ba50e654dd1598c9d385a44
da05272cfbacbac3445b00f7ebd20209a37375ada8a73bd7d4d4d9b4703d1562
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46f09e4cdcb6a35643984a7ad25ecc0fabd104a72579b178e52f37bbfe744fd
e593de471c67078e3f80049b8e514de4832e0632fec30bf357eb471b9fe322ac
eed94919f09f2a30d158ed179fd50b254b9de9f4308c0a6f4d56fdc6eca5b772
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f3bcb0fe2fa0acc39d13fda1ac377383e36da9d4d47e1ce66798e367fb6f8df3
f4655867c481e5717a210ef7e1b40cd5cb244082e37e2a762a34b42982016df3
f77ecc5523f17169fadad242178930545222a8407684f723bf11720db2d7d071
fa313fbb7800e7f314c2bbf6d4ec6d04bc8df2300a1942a45c3f6ca8b079fde6
fae6d29aec604c1b07a218ebf53c916ddf41645142351425b409347d56ab30af
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

fifthy3bank.dd-dns.de Open in urlscan Pro 45.92.124.67 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

181 Requests

64 %HTTPS

34 %IPv6

25 Domains

35 Subdomains

31 IPs

5 Countries

2101 kBTransfer

6751 kBSize

25 Cookies

6 Outgoing links

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

fifthy3bank.dd-dns.de Open in urlscan Pro
45.92.124.67 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

64 %
HTTPS

34 %
IPv6

25
Domains

35
Subdomains

31
IPs

5
Countries

2101 kB
Transfer

6751 kB
Size

25
Cookies

181 HTTP transactions
0 data transactions