fintech-ht.duckdns.org Open in urlscan Pro
20.25.50.14 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://me.everfica.com/home/yD3kz
Effective URL:
https://fintech-ht.duckdns.org/dashboard/
Submission: On March 23 via manual (March 23rd 2022, 5:51:06 pm UTC) from IN — Scanned from DE

Summary HTTP 119 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 19 domains to perform 119 HTTP transactions. The main IP is 20.25.50.14, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is fintech-ht.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 23rd 2022. Valid for: 3 months.

This is the only time fintech-ht.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.54.115.96 198.54.115.96	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1 11	20.25.50.14 20.25.50.14	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
11	3.124.119.57 3.124.119.57	16509 (AMAZON-02) (AMAZON-02)
1 24	104.126.37.162 104.126.37.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 7	104.126.37.161 104.126.37.161	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.189.67.17 52.189.67.17	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
13	91.235.132.141 91.235.132.141	30286 (THM) (THM)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	35.186.193.174 35.186.193.174	15169 (GOOGLE) (GOOGLE)
1	34.253.74.200 34.253.74.200	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:27::... 2620:1ec:27::cafe:1799	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
119	25

1 198.54.115.96 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server111-2.web-hosting.com

me.everfica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 20.25.50.14 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

fintech-ht.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com

ensighten.huntingtonbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 104.126.37.162 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-162.deploy.static.akamaitechnologies.com

onlinebanking.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.126.37.161 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-161.deploy.static.akamaitechnologies.com

www.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.189.67.17 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

huntingtonbank.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.132.141 (United States)

ASN30286 (THM, US)

ddata.huntingtonbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.174 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 174.193.186.35.bc.googleusercontent.com

media-lax1.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.74.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

huntington-bank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

smetrics.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1799 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.166 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

10701487.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

16xsqggnbiuzcimbdph66bncajyscfqglczx4qzyf52649e9c792b96dam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	huntington.com 3 redirects onlinebanking.huntington.com — Cisco Umbrella Rank: 89234 www.huntington.com — Cisco Umbrella Rank: 47868 smetrics.huntington.com — Cisco Umbrella Rank: 48399	135 KB
24	huntingtonbank.com ensighten.huntingtonbank.com — Cisco Umbrella Rank: 71865 ddata.huntingtonbank.com — Cisco Umbrella Rank: 55870	146 KB
11	duckdns.org 1 redirects fintech-ht.duckdns.org	48 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 10701487.fls.doubleclick.net — Cisco Umbrella Rank: 97602	8 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	1 KB
7	bing.com bat.bing.com — Cisco Umbrella Rank: 338	23 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	269 KB
6	inq.com huntingtonbank.inq.com — Cisco Umbrella Rank: 73219 media-lax1.inq.com — Cisco Umbrella Rank: 39228	430 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6433	804 B
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 779	1 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3133 16xsqggnbiuzcimbdph66bncajyscfqglczx4qzyf52649e9c792b96dam1.e.aa.online-metrix.net	15 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	621 B
1	nuance.com media-us1.digital.nuance.com — Cisco Umbrella Rank: 6877	7 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 567	173 B
1	demdex.net huntington-bank.demdex.net — Cisco Umbrella Rank: 115970	3 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 394	6 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 101	15 KB
1	everfica.com 1 redirects me.everfica.com	1 KB
0	Failed function sub() { [native code] }. Failed
119	19

	Domain	Requested by
24	onlinebanking.huntington.com	1 redirects fintech-ht.duckdns.org onlinebanking.huntington.com
13	ddata.huntingtonbank.com	fintech-ht.duckdns.org ddata.huntingtonbank.com
11	ensighten.huntingtonbank.com	fintech-ht.duckdns.org onlinebanking.huntington.com
11	fintech-ht.duckdns.org	1 redirects fintech-ht.duckdns.org
7	www.huntington.com	1 redirects fintech-ht.duckdns.org www.huntington.com
7	bat.bing.com	fintech-ht.duckdns.org onlinebanking.huntington.com bat.bing.com
7	www.googletagmanager.com	fintech-ht.duckdns.org onlinebanking.huntington.com www.googletagmanager.com
5	www.google.de	fintech-ht.duckdns.org
5	www.google.com	fintech-ht.duckdns.org
5	googleads.g.doubleclick.net	fintech-ht.duckdns.org www.googleadservices.com
4	10701487.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	sp.analytics.yahoo.com	fintech-ht.duckdns.org
3	media-lax1.inq.com	fintech-ht.duckdns.org
3	huntingtonbank.inq.com	fintech-ht.duckdns.org onlinebanking.huntington.com
2	adservice.google.com	10701487.fls.doubleclick.net
2	h.online-metrix.net	ddata.huntingtonbank.com
2	www.facebook.com
2	smetrics.huntington.com	1 redirects fintech-ht.duckdns.org
1	16xsqggnbiuzcimbdph66bncajyscfqglczx4qzyf52649e9c792b96dam1.e.aa.online-metrix.net
1	media-us1.digital.nuance.com	huntingtonbank.inq.com
1	insight.adsrvr.org	fintech-ht.duckdns.org
1	huntington-bank.demdex.net	fintech-ht.duckdns.org
1	s.yimg.com	fintech-ht.duckdns.org
1	www.googleadservices.com	fintech-ht.duckdns.org
1	me.everfica.com	1 redirects
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	ddata.huntingtonbank.com
119	26

This site contains links to these domains. Also see Links.

Domain
www.huntington.com
selfservice.huntington.com

Subject Issuer	Validity	Valid
fintech-ht.duckdns.org cPanel, Inc. Certification Authority	`2022-03-23` - `2022-06-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-14` - `2022-05-04`	2 months	crt.sh
ensighten.huntingtonbank.com GeoTrust EV RSA CA 2018	`2020-07-10` - `2022-07-15`	2 years	crt.sh
huntington.com GeoTrust EV RSA CA 2018	`2020-07-08` - `2022-07-13`	2 years	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
ddata.huntingtonbank.com GeoTrust EV RSA CA 2018	`2020-07-11` - `2022-07-20`	2 years	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-29` - `2022-03-29`	3 months	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-12-28` - `2023-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://fintech-ht.duckdns.org/dashboard/
Frame ID: D44B5B6B0C5563CF38F8875287AD6B48
Requests: 92 HTTP requests in this frame

Frame: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Frame ID: 39DB4FAEE193D45435C4BEAAEDE00081
Requests: 6 HTTP requests in this frame

Frame: https://huntington-bank.demdex.net/dest5.html?d_nsid=0
Frame ID: 279EBC8449BF135ED14AEECD579CF7E1
Requests: 1 HTTP requests in this frame

Frame: https://ddata.huntingtonbank.com/fp/check.js;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jb=343b2e2468716d773d4e6b6e757a266a7b673d4e6b6c7d78266871607d3d4160726d6567246871603d416a726f6f65253a38393b
Frame ID: 537B6F1A78484C21CE70B370980B0309
Requests: 11 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F
Frame ID: A855FC6EF2E4BD95777FFA116B6A30DF
Requests: 2 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F
Frame ID: 39D9AFA4A2728D3814E2ADD61341DAA3
Requests: 2 HTTP requests in this frame

Frame: https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d
Frame ID: A49BBBE5543CC73B2D4CD228451AA927
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d
Frame ID: C3B86E69208EB50E8F9CF28BFDF42108
Requests: 2 HTTP requests in this frame

Frame: https://ddata.huntingtonbank.com/fp/top_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d
Frame ID: FCEB43141B6158AF86946EEC992BA341
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Huntington Online Banking Login | Huntington Chat with a bankerClose FlagSearchFAB_AskUs

Page URL History Show full URLs

https://me.everfica.com/home/yD3kz HTTP 301
https://fintech-ht.duckdns.org/ HTTP 301
https://fintech-ht.duckdns.org/dashboard/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+name="__VIEWSTATE

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

119
Requests

96 %
HTTPS

36 %
IPv6

19
Domains

26
Subdomains

25
IPs

5
Countries

1105 kB
Transfer

2136 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.huntington.com/customer-service/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/ForgotPassword/
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/Enrollment/
Title: Enroll in Online Banking

Search URL Search Domain Scan URL

URL: https://www.huntington.com//Privacy-Security/protecting-yourself/identity-theft
Title: Identity Protection

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/how-we-protect-you/huntingtons-security-commitment
Title: Security

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/Privacy-Policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.huntington.com/personal/online-services/huntington-online-guarantee
Title: Online Guarantee

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://me.everfica.com/home/yD3kz HTTP 301
https://fintech-ht.duckdns.org/ HTTP 301
https://fintech-ht.duckdns.org/dashboard/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://onlinebanking.huntington.com//rol/ensightenBootstrap.js HTTP 301
https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js

Request Chain 25

https://www.huntington.com/-/fxm/web/ HTTP 302
https://www.huntington.com/Presentation/rol-manage.js

Request Chain 82

https://smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s79988613836824?AQB=1&ndh=1&pf=1&t=23%2F2%2F2022%2017%3A51%3A1%203%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=fintech-ht.duckdns.org%2Fdashboard%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1 HTTP 302
https://smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s79988613836824?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F2%2F2022%2017%3A51%3A1%203%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=fintech-ht.duckdns.org%2Fdashboard%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1

Request Chain 90

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F HTTP 302
https://10701487.fls.doubleclick.net/activityi;dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F

Request Chain 91

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F HTTP 302
https://10701487.fls.doubleclick.net/activityi;dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F

119 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
fintech-ht.duckdns.org/dashboard/
Redirect Chain

https://me.everfica.com/home/yD3kz
https://fintech-ht.duckdns.org/
https://fintech-ht.duckdns.org/dashboard/

47 KB
47 KB

541ms
540ms

Document
text/html

20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: c536ebb1999461caf62e8d78e55d083d30d8573f99e467f7594908482c58f6c4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 23 Mar 2022 17:50:59 GMT
Server: Apache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Wed, 23 Mar 2022 17:50:59 GMT
Server: Apache
Location: https://fintech-ht.duckdns.org/dashboard/
Content-Length: 249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 43ms
19ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14884
x-xss-protection: 0
server: cafe
etag: 4198181851688197673
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 17:50:59 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 44ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayerGoogle&cx=c

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c011a56796747bda740bfcde41e2c0febf1d82580f05a593949ceed6a0d73057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:50:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40712
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:00:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 17:50:59 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 56ms
37ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB727D70844C41BDA2EA46238E40505D Ref B: FRAEDGE1409 Ref C: 2022-03-23T17:51:00Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 23 Mar 2022 17:51:00 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8085313&l=dataLayerGoogle

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7dfe2a4f1e11d258bcd7d7b713fd767ac33685a421c7e3cac67105c82af8f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36957
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:00:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 65ms
21ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Wed, 23 Mar 2022 17:49:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: dc/QfzS/slV5l+1ETlrN17nJz7FzU/T/ULu92niUynWAJZeWYupkTQxOVGRRmtWts+AQhP2cr9A=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: X3HGKBRBB9CBXXZB
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ac66aa74326a8fa0e24180b6db457f6d.js Show response
ensighten.huntingtonbank.com/huntington/olb/code/ 24 B
238 B 10ms
10ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/code/ac66aa74326a8fa0e24180b6db457f6d.js?conditionId0=422774
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
last-modified: Thu, 05 Apr 2012 12:15:43 GMT
server: nginx
etag: "4f7d8cef-18"
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 24
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 serverComponent.php Show response
ensighten.huntingtonbank.com/huntington/olb/ 312 B
400 B 92ms
9ms Script
text/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/serverComponent.php?r=82.41776782117654&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/olb/code/&publishedOn=Thu%20Oct%2001%2019:28:25%20GMT%202020&ClientID=1035&PageID=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: db12b2adc6604867083d069c092a8e2437b3b22ec7380557cf3d350ca05034b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:50:59 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Wed, 23 Mar 2022 17:50:58 GMT

GET
H2 404 ruxitagentjs_ICA2SVfqrux_10199200831173248.js
onlinebanking.huntington.com//rol/Common/scripts/ 0
0 446ms
362ms Script
text/html 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com//rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 404
Not Found reset.css
fintech-ht.duckdns.org/rol/Styles/Structure/960/ 0
0 250ms
92ms Stylesheet
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/rol/Styles/Structure/960/reset.css
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 text.css
onlinebanking.huntington.com//rol/Styles/Structure/960/ 1 KB
911 B 151ms
69ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Structure/960/text.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 529
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 960_16_col.css
onlinebanking.huntington.com//rol/Styles/Structure/960/ 4 KB
1 KB 152ms
70ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Structure/960/960_16_col.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 821
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 huntington-rol.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 57 KB
12 KB 1192ms
1110ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 11576
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 09 Mar 2022 19:11:19 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:01 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "8065f474e933d81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 propertyClasses.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 598 B
960 B 150ms
69ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/propertyClasses.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 598
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 widgets.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 12 KB
3 KB 170ms
89ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/widgets.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 2435
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 NavBar.css
onlinebanking.huntington.com//rol/Styles/Navigation/ 2 KB
1000 B 197ms
116ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Navigation/NavBar.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 618
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 jquery-ui-1.8.9.custom.css
onlinebanking.huntington.com//rol/Styles/JQueryUIThemes/custom-theme/ 59 KB
8 KB 198ms
116ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/JQueryUIThemes/custom-theme/jquery-ui-1.8.9.custom.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 7788
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 modal-dialog.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 1 KB
930 B 200ms
119ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/modal-dialog.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 548
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 hnb.aria.common.css
onlinebanking.huntington.com//rol/Styles/ 574 B
936 B 218ms
137ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/hnb.aria.common.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 574
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2

200

Bootstrap.js Show response
ensighten.huntingtonbank.com/huntington/olb/
Redirect Chain

https://onlinebanking.huntington.com//rol/ensightenBootstrap.js
https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js

59 KB
17 KB

36ms
36ms

Script
application/javascript

3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4f9023208f03b3566fc5f9796d8a867c51d87ac37dddc44170d197a653bddf47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
last-modified: Sun, 26 Sep 2021 05:26:13 GMT
server: nginx
etag: W/"61500475-ed93"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
x-permitted-cross-domain-policies: none
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-old-content-length: 187
server-timing: dtSInfo;desc="1"
content-length: 187
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: Microsoft-IIS/10.0
format-detection: telephone=no
date: Wed, 23 Mar 2022 17:51:01 GMT
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
location: https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js
cache-control: max-age=0, no-cache, no-store
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
onlinebanking.huntington.com//rol/Script/ 85 KB
30 KB 258ms
177ms Script
application/javascript 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Script/jquery-3.1.1.min.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 30130
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 safeready.js Show response
onlinebanking.huntington.com//rol/Script/jQuery/Extensions/ 311 B
682 B 246ms
165ms Script
application/javascript 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Script/jQuery/Extensions/safeready.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

760fa8f3b6a53a51fce23d438181c2050a5500037c7c00b5218b3543313a69dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 311
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H/1.1 404
Not Found jquery.autotab.js
fintech-ht.duckdns.org/rol/Script/ 0
0 274ms
92ms Script
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/rol/Script/jquery.autotab.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 Auth.css
onlinebanking.huntington.com//rol/Styles/Presentation/Auth/ 6 KB
2 KB 257ms
177ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/Auth/Auth.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 1800
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 jquery.cookie.js Show response
onlinebanking.huntington.com//rol/Script/jquery.cookie/ 2 KB
1 KB 280ms
200ms Script
application/javascript 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Script/jquery.cookie/jquery.cookie.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 703
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 json2.min.js Show response
onlinebanking.huntington.com//rol/Script/Ajax/ 17 KB
6 KB 302ms
222ms Script
application/javascript 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Script/Ajax/json2.min.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

147217678b7522d6ddbdadbc6b179afcc97262381b375b8cb4bd499f143fdd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 5455
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2

200

rol-manage.js Show response
www.huntington.com/Presentation/
Redirect Chain

https://www.huntington.com/-/fxm/web/
https://www.huntington.com/Presentation/rol-manage.js

1 KB
1 KB

16ms
15ms

Script
application/javascript

104.126.37.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/rol-manage.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Server

104.126.37.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

93e5e5ea6830e1b5ca177029fd11e531d670629b9453eb329b901f72089aba79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 599
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 15:58:32 GMT
x-frame-options: sameorigin
date: Wed, 23 Mar 2022 17:51:01 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=767780
etag: "084daee019d81:0"
accept-ranges: bytes
expires: Fri, 01 Apr 2022 15:07:21 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: master-only
date: Wed, 23 Mar 2022 17:51:01 GMT
x-frame-options: sameorigin
p3p: CP="NON CUR OTPi OUR NOR UNI"
location: https://www.huntington.com:443/Presentation/rol-manage.js
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8
content-length: 180
x-content-type-options: nosniff
x-ua-compatible: IE=edge

GET
H2 200 chat-fab.js Show response
www.huntington.com/Presentation/Scripts/ 19 KB
7 KB 108ms
28ms Script
application/javascript 104.126.37.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="798212078"
content-length: 7010
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 16:03:34 GMT
x-frame-options: sameorigin
date: Wed, 23 Mar 2022 17:50:59 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=760262
etag: "0fdcc2e019d81:0"
accept-ranges: bytes
expires: Fri, 01 Apr 2022 13:02:01 GMT

GET
H2 200 site-survey.min.js Show response
www.huntington.com/Presentation/Scripts/ 7 KB
3 KB 117ms
37ms Script
application/javascript 104.126.37.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-142843535"
content-length: 3053
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Mar 2022 15:59:42 GMT
x-frame-options: sameorigin
date: Wed, 23 Mar 2022 17:50:59 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=2547765
etag: "0abcb85533d81:0"
accept-ranges: bytes
expires: Fri, 22 Apr 2022 05:33:44 GMT

GET
H2 200 inqChatLaunch10006663.js Show response
huntingtonbank.inq.com/chatskins/launch/ 5 KB
2 KB 482ms
127ms Script
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

8863784cd89b88c85cc220ad2f4f7c0035068d1709749b0b8bf6900f77656d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
etag: "H8tL8mZKYMr"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
last-modified: Thu, 10 Mar 2022 06:33:01 GMT
accept-ranges: bytes
content-length: 1963
x-xss-protection: 1; mode=block
expires: Wed, 23 Mar 2022 18:51:00 GMT

GET
H2 200 site-survey.min.css
www.huntington.com/Presentation/Styles/ 4 KB
2 KB 97ms
18ms Stylesheet
text/css 104.126.37.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 1249
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 16:03:34 GMT
x-frame-options: sameorigin
date: Wed, 23 Mar 2022 17:50:59 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=827147
etag: "0fdcc2e019d81:0"
accept-ranges: bytes
expires: Sat, 02 Apr 2022 07:36:46 GMT

GET
H2 200 oo_engine.min.js Show response
www.huntington.com/Presentation/Scripts/ 45 KB
15 KB 127ms
47ms Script
application/javascript 104.126.37.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="2008199245"
content-length: 14478
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 04 Feb 2022 16:03:36 GMT
x-frame-options: sameorigin
date: Wed, 23 Mar 2022 17:51:00 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=828773
etag: "03cdc4e019d81:0"
accept-ranges: bytes
expires: Sat, 02 Apr 2022 08:03:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/ 2 KB
2 KB 42ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1606808232179&cv=9&fst=1606808232179&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=300&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eec1ee6fdbedfae675fe463c39f4c7a13fa44f237456726cb1e239bd24f4bb56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found WebResource.axd
fintech-ht.duckdns.org/rol/ 0
0 211ms
92ms Script
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/rol/WebResource.axd?d=KAutdTcH6alKTOWlncDH0iHQ__xOFzNke7aCWGDC2l63YcVuZ-gbUvFHEqH8q7F3WBGprILGYm-bugzBljgzMFykfYE1&t=637352834110221559
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found WebResource.axd
fintech-ht.duckdns.org/rol/ 0
0 274ms
92ms Script
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/rol/WebResource.axd?d=UJBIZYk7tZcvj4IFYmffqt09OUlhISSdhcduBbwyVnp-a6akR3trXAKcmbO7w4DRjTrT_SxsUCD4Nl0vuWb81_Jv1SQ1&t=637352834110221559
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 oo_icon_retina_black.gif
www.huntington.com/Presentation/onlineopinionV5/ 552 B
998 B 18ms
15ms Image
image/gif 104.126.37.161
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.161 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-161.deploy.static.akamaitechnologies.com

Software

Resource Hash

15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1927095490"
content-length: 552
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Mar 2022 15:59:42 GMT
date: Wed, 23 Mar 2022 17:51:01 GMT
x-frame-options: sameorigin
content-type: image/gif
cache-control: public, max-age=1745076
etag: "0abcb85533d81:0"
accept-ranges: bytes
expires: Tue, 12 Apr 2022 22:35:37 GMT

GET
H2 200 logo-lg.png
onlinebanking.huntington.com/rol/Images/UI/ 3 KB
3 KB 18ms
15ms Image
image/png 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/Images/UI/logo-lg.png

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-229980446"
content-length: 2560
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:01 GMT
content-type: image/png
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H/1.1 404
Not Found hol.device.registration.min.js
fintech-ht.duckdns.org/Scripts/hol/ 0
0 92ms
92ms Script
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/Scripts/hol/hol.device.registration.min.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 lock.gif
onlinebanking.huntington.com/rol/images/ 870 B
1 KB 29ms
26ms Image
image/gif 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/images/lock.gif

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 870
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:01 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H/1.1 404
Not Found jquery.cookie.latest.js
fintech-ht.duckdns.org/rol/Script/jquery.cookie/ 0
0 92ms
92ms Script
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/rol/Script/jquery.cookie/jquery.cookie.latest.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK tags.js Show response
ddata.huntingtonbank.com/fp/ 87 KB
12 KB 132ms
65ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/tags.js?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&allow_reprofile=1

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

662e640e767a7a700011f24d16c11ea005804fff8113518621fb8b385eb2cb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 404
Not Found hexlogo-footer-icon.png
fintech-ht.duckdns.org/rol/Images/ 315 B
315 B 94ms
92ms Image
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fintech-ht.duckdns.org/rol/Images/hexlogo-footer-icon.png
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:01 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found AccessibleMenuBar.js
fintech-ht.duckdns.org/rol/Script/ 0
0 92ms
92ms Script
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/rol/Script/AccessibleMenuBar.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found d40faf3cui2540ce0530daea07ab1c
fintech-ht.duckdns.org/assets/ 0
0 92ms
92ms Script
text/html 20.25.50.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://fintech-ht.duckdns.org/assets/d40faf3cui2540ce0530daea07ab1c
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.25.50.14 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/dashboard/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=93
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 204 0
bat.bing.com/action/ 0
119 B 40ms
37ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=a22afb1c-2cbd-48e5-8daf-f398868c45ba&sid=f87b817033a711eb9f3641cc7a5eb32b&vid=f87bd27033a711ebb3448ba76a811b56&vids=0&pi=-1220250698&lg=en-US&sw=1600&sh=900&sc=24&tl=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&kw=Huntington%20bank%20login,%20Huntington%20online%20banking%20login&p=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&r=&lt=3276&evt=pageLoad&msclkid=N&sv=1&rn=561081

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EE80E100A95C47A5B3B051355B684A90 Ref B: FRAEDGE1409 Ref C: 2022-03-23T17:51:01Z
date: Wed, 23 Mar 2022 17:51:00 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 34ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=a22afb1c-2cbd-48e5-8daf-f398868c45ba&sid=f87b817033a711eb9f3641cc7a5eb32b&vid=f87bd27033a711ebb3448ba76a811b56&vids=0&ec=Visit&ea=Online%20Banking&el=olb:%20login&ea2=Online%20Banking&el2=olb%3A%20login&evt=custom&msclkid=N&rn=855127

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F184987908CE4007B67B14353F41858C Ref B: FRAEDGE1409 Ref C: 2022-03-23T17:51:01Z
date: Wed, 23 Mar 2022 17:51:00 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
672 B 97ms
31ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2001%20Dec%202020%2007%3A37%3A11%20GMT&n=-5&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&enc=UTF-8&tagmgr=gtm%2Censighten

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 0
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
276 B 97ms
31ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&enc=UTF-8&et=custom&ec=Visit&ea=Online%20Banking&el=olb%3A%20login&tagmgr=gtm%2Censighten

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 0
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 huntington-rol-print.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 8 KB
3 KB 85ms
83ms Stylesheet
text/css 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol-print.css

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 2198
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:01 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/849064376/ 42 B
548 B 52ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849064376/?random=1606808232179&cv=9&fst=1606806000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=300&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=2913071197&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/849064376/ 42 B
548 B 52ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849064376/?random=1606808232179&cv=9&fst=1606806000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=300&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=2913071197&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 InqFramework.js
media-lax1.inq.com/media/launch/ci/ 0
290 KB 152ms
119ms Other
application/javascript 35.186.193.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://media-lax1.inq.com/media/launch/ci/InqFramework.js?codeVersion=1605769067137
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.174 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.193.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 00:24:18 GMT
server: nginx
etag: W/"61774ab2-16203a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=3600, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Mar 2022 18:51:01 GMT

GET
H2 200 pre-acif.js
huntingtonbank.inq.com/tagserver/acif/ 0
556 B 129ms
128ms Other
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
etag: "CZNYrMxQHjq"
strict-transport-security: max-age=31536000; includeSubDomains
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
cache-control: max-age=3600
last-modified: Tue, 08 Mar 2022 19:26:37 GMT
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-length: 139
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-lax1.inq.com/media/launch/acif/ 0
132 KB 157ms
126ms Other
application/javascript 35.186.193.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://media-lax1.inq.com/media/launch/acif/acif.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.174 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.193.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
via: 1.1 google
last-modified: Tue, 26 Oct 2021 09:42:14 GMT
server: nginx
age: 0
etag: W/"6177cd76-5c039"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600,public
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134668
expires: Wed, 23 Mar 2022 18:51:01 GMT

GET
H2 200 acif-configs.js
media-lax1.inq.com/media/sites/10006663/assets/automatons/ 0
4 KB 176ms
145ms Other
application/javascript 35.186.193.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://media-lax1.inq.com/media/sites/10006663/assets/automatons/acif-configs.js
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.174 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.193.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
via: 1.1 google
last-modified: Thu, 08 Jul 2021 22:00:28 GMT
server: nginx
age: 0
etag: W/"60e7757c-30c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600,public
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3530
expires: Wed, 23 Mar 2022 18:51:01 GMT

GET
H2 200 background-960.jpg
onlinebanking.huntington.com//rol/Images/UI/ 3 KB
3 KB 104ms
104ms Image
image/jpeg 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com//rol/Images/UI/background-960.jpg

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-162.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 2997
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 11 Feb 2022 21:27:47 GMT
server: Microsoft-IIS/10.0
date: Wed, 23 Mar 2022 17:51:01 GMT
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
etag: "808ba4368e1fd81:0"
accept-ranges: bytes
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 nuanceChat.html Show response
onlinebanking.huntington.com/nuance/ Frame 39DB 439 B
2 KB 364ms
363ms Document
text/html 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: BigIP /
Resource Hash: 10fab1d4b1289060166431d870d4fd5c6e3fe18c579b007f17a7cc04b883d9e6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/

Response headers

content-type: text/html
server: BigIP
x-akamai-transformed: 9 338 0 pmb=mTOE,1
vary: Accept-Encoding
content-encoding: gzip
date: Wed, 23 Mar 2022 17:51:01 GMT
content-length: 310

GET
H/1.1 200
OK dest5.html Show response
huntington-bank.demdex.net/ Frame 279E 7 KB
3 KB 138ms
30ms Document
text/html 34.253.74.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://huntington-bank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.253.74.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-74-200.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 23 Mar 2022 17:51:01 GMT
DCS: dcs-prod-irl1-2-v030-04a5d1ba1.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 15 Mar 2022 12:36:14 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: rolxkwagTGo=
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 serverComponent.php Show response
ensighten.huntingtonbank.com/huntington/olb/ 312 B
399 B 10ms
10ms Script
text/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/olb/code/&publishedOn=Sun%20Sep%2026%2005:26:13%20GMT%202021&ClientID=1035&PageID=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/ensightenBootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 00c5ebe48ddf235c3874ee810e253e55375421c0a86e812b9201373410d39aef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 200 7464ba092fd2c071957ea33d43e461b0.js Show response
ensighten.huntingtonbank.com/huntington/olb/code/ 125 KB
41 KB 14ms
13ms Script
application/javascript 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/code/7464ba092fd2c071957ea33d43e461b0.js?conditionId0=422774
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/ensightenBootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3658adb06f6e53e6d979841f2260357cd9c1bffb7c6b89e2ca60a757a9904ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
last-modified: Sun, 26 Sep 2021 05:26:13 GMT
server: nginx
etag: W/"61500475-1f23a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/ensightenBootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c585b9656a451f1d02f78e848059f225dfb4f27e9be69a364da66d5ca69dd47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36972
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:00:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
341 B 32ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2023%20Mar%202022%2017%3A51%3A01%20GMT&n=0&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&enc=UTF-8&yv=1.12.0&tagmgr=gtm%2Censighten

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ 0
106 B 14ms
12ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27subProducts%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Products%20as%20JSON%2C%20ID%3A52332.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ 0
106 B 9ms
7ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27address%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Location%2C%20ID%3A52096.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ 0
106 B 9ms
7ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27idHash%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Id%20Hash%2C%20ID%3A52100.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ 0
106 B 14ms
12ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27subProducts%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Products%2C%20ID%3A52098.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ 0
106 B 13ms
12ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27segment%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Segment%2C%20ID%3A52097.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ 0
106 B 13ms
12ms Image
text/plain 3.124.119.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27split%27)%22%20error%20caught%20in%20Data%20Definition%20transformer%3A%20OLB%20-%20Products%20as%20JSON%2C%20ID%2052332.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 23 Mar 2022 17:51:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayerGoogle&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8bde7d7ac03f0dfcdbc0037a078f4b5a516a665ca5e17b78d72b01a220a1198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37373
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:00:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayerGoogle&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

497973ff290d0e2a629a67824dee6fd3e17735a6adeeb29077e9b38bbfc04a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40777
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:00:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayerGoogle&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayerGoogle&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3d9adc9e4466fb0f359d9befbacab6f674f6c32e4768d42ff4627fb9457d2934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41090
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:00:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
40 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayerGoogle&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayerGoogle&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb54571f403f34991b8a06ae2146aaab100b603bd804af7bc3eb8aa5cda41846

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40711
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 17:00:55 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/ 2 KB
1 KB 40ms
25ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1648057861261&cv=9&fst=1648057861261&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

715367e6f9fa169b71055f050b050f2c229a12520340412042c6d64f30bb6e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/ 2 KB
1 KB 31ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1648057861271&cv=9&fst=1648057861271&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d20d56c05fea119329fb98ab1bec673b3094000d0cbe23a4e79baf05e47fb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1056
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET generic
www.huntington.com/ 0
0

GET
H2 200 /
insight.adsrvr.org/track/conv/ 0
173 B 94ms
31ms Image
text/plain 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?ct=0:7bz3p7f&adv=l6jmegy&td1=olb:%20login
Requested by: Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/ 2 KB
1 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1648057861307&cv=9&fst=1648057861307&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8176b5dae8273dcfb1f628a81bc7e0133dc6a3b48cdf0e955c4685c25c7cb9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/849073348/ 42 B
64 B 51ms
22ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849073348/?random=1648057861261&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=1228388444&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/849073348/ 42 B
64 B 48ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849073348/?random=1648057861261&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=1228388444&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/786635084/ 42 B
64 B 50ms
23ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786635084/?random=1648057861271&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=402686945&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/786635084/ 42 B
64 B 47ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/786635084/?random=1648057861271&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=402686945&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/849063932/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849063932/?random=1648057861307&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=85588741&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/849063932/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849063932/?random=1648057861307&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=85588741&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

s79988613836824
smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/
Redirect Chain

https://smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s79988613836824?AQB=1&ndh=1&pf=1&t=23%2F2%2F2022%2017%3A51%3A1%203%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=htt...
https://smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s79988613836824?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F2%2F2022%2017%3A51%3A1%203%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20l...

43 B
161 B

17ms
17ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s79988613836824?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F2%2F2022%2017%3A51%3A1%203%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=fintech-ht.duckdns.org%2Fdashboard%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1

Requested by

Host: fintech-ht.duckdns.org
URL: https://fintech-ht.duckdns.org/dashboard/

Protocol

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
x-c: main-1629.I879dac.M0-556
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Mar 2022 17:51:01 GMT
server: jag
xserver: anedge-7f6b754cd4-4j8jb
etag: 3539177308878110720-4619780213468267198
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 22 Mar 2022 17:51:01 GMT

Redirect headers

date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
x-c: main-1629.I879dac.M0-556
p3p: CP="This is not a P3P policy"
vary: Origin
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://smetrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s79988613836824?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F2%2F2022%2017%3A51%3A1%203%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=fintech-ht.duckdns.org%2Fdashboard%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1
last-modified: Thu, 24 Mar 2022 17:51:01 GMT
server: jag
xserver: anedge-7f6b754cd4-hv4w8
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 22 Mar 2022 17:51:01 GMT

GET
H2 200 inqChatLaunch10006663.js Show response
huntingtonbank.inq.com/chatskins/launch/ Frame 39DB 5 KB
2 KB 154ms
153ms Script
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

8863784cd89b88c85cc220ad2f4f7c0035068d1709749b0b8bf6900f77656d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
etag: "H8tL8mZKYMr"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
last-modified: Thu, 10 Mar 2022 06:33:01 GMT
accept-ranges: bytes
content-length: 1963
x-xss-protection: 1; mode=block
expires: Wed, 23 Mar 2022 18:51:01 GMT

GET
H2 200 UBWwUeYUM Show response
onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/ Frame 39DB 84 KB
21 KB 16ms
16ms Script
application/javascript 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/UBWwUeYUM
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 19:29:24 GMT
etag: "a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 20456
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 chatLoader.min.js Show response
media-us1.digital.nuance.com/media/launch/ Frame 39DB 22 KB
7 KB 186ms
28ms Script
application/javascript 2620:1ec:27::cafe:1799
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1646893964463

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:27::cafe:1799 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

73ea8639745c39524ef07ebeb2b9a8c604923841634ec12d9ec31a98554f63ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
x-azure-ref-originshield: 0mVI7YgAAAAB3j+rgqBfFQ5GnSvS/wODZTE9OMjFFREdFMDIyMABjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 6561
x-xss-protection: 1; mode=block
last-modified: Sat, 05 Mar 2022 10:25:58 GMT
server: TouchCommerce Server
date: Wed, 23 Mar 2022 17:51:01 GMT
x-azure-ref: 0BV47YgAAAAA3nOnMXxBbR5Yf41mbz+eFTUFOMzBFREdFMDcyMQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: "DeS6dwT0hCW"
accept-ranges: bytes

POST
H2 201 UBWwUeYUM Show response
onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/ Frame 39DB 18 B
986 B 16ms
16ms XHR
application/json 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/UBWwUeYUM
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/UBWwUeYUM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://onlinebanking.huntington.com
date: Wed, 23 Mar 2022 17:51:01 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18
vary: Origin
content-type: application/json

GET
H/1.1 200
OK check.js;CIS3SID=E600E25A94F16105115E5EBDF3DCB377 Show response
ddata.huntingtonbank.com/fp/ Frame 537B 272 KB
47 KB 22ms
21ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/check.js;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jb=343b2e2468716d773d4e6b6e757a266a7b673d4e6b6c7d78266871607d3d4160726d6567246871603d416a726f6f65253a38393b

Requested by

Host: ddata.huntingtonbank.com
URL: https://ddata.huntingtonbank.com/fp/tags.js?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6a378f50b103da91a967b988e90157e64a8b51c2061c98ff6b3b55564337b0ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: f52649e9c792b96d
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
ddata.huntingtonbank.com/fp/ Frame 537B 81 B
475 B 39ms
13ms Image
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:01 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
ddata.huntingtonbank.com/fp/ Frame 537B 81 B
475 B 39ms
13ms Image
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:01 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%... Show response
10701487.fls.doubleclick.net/ Frame A855
Redirect Chain

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%...
https://10701487.fls.doubleclick.net/activityi;dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8...

453 B
393 B

35ms
20ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10701487.fls.doubleclick.net/activityi;dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

2aa1784abd3c348217ec47ff4909a2e3aa8478fe7bd6b7d7293346fdc54f1cd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Mar 2022 17:51:01 GMT
expires: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Mar 2022 17:51:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10701487.fls.doubleclick.net/activityi;dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https... Show response
10701487.fls.doubleclick.net/ Frame 39D9
Redirect Chain

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=ht...
https://10701487.fls.doubleclick.net/activityi;dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login...

460 B
398 B

34ms
21ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10701487.fls.doubleclick.net/activityi;dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

75025c893251766c5ef9c2169b13d58c5538c3761a5c91e3ebd12ba30ae507cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Mar 2022 17:51:01 GMT
expires: Wed, 23 Mar 2022 17:51:01 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 375
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 23 Mar 2022 17:51:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10701487.fls.doubleclick.net/activityi;dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/ 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1648057861868&cv=9&fst=1648057861868&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&ig=1&data=event%3Dpage_view%3Bpagenameevent%3Dolb%3A%20login%3Badobeidappid%3D%7C%3Bcitystatezip%3D%3Bcustomerstatus%3D%3Bproductsowned%3D%3Bcustid%3D%3Balerts%3D&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47861ff0913343dd42287b2035f76e2b49da814b179cfb31f749bccdacdb9925

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1128
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
11 KB 32ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/ensightenBootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F213611B21C4CDA95E8E7B1CFA6F6B0 Ref B: FRAEDGE1409 Ref C: 2022-03-23T17:51:01Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Wed, 23 Mar 2022 17:51:01 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 tr
www.facebook.com/ 44 B
408 B 23ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=5140493269326436&ev=PageView&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 tr
www.facebook.com/ 44 B
213 B 24ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=121543311796381&ev=ViewContent&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no&cd[geo]=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 17:51:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
79 B 32ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&enc=UTF-8&yv=1.12.0&et=custom&ec=Visit&ea=Online%20Banking&el=olb%3A%20login&tagmgr=gtm%2Censighten

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:01 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Wed, 23 Mar 2022 17:51:01 GMT

GET
H/1.1 200
OK clear.png Show response
ddata.huntingtonbank.com/fp/ Frame 537B 81 B
538 B 40ms
13ms XHR
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png

Requested by

Host: ddata.huntingtonbank.com
URL: https://ddata.huntingtonbank.com/fp/check.js;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jb=343b2e2468716d773d4e6b6e757a266a7b673d4e6b6c7d78266871607d3d4160726d6567246871603d416a726f6f65253a38393b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 16xsqggn/f52649e9c792b96d1f926c22e275430d8947c384a26f91c9
Referer: https://fintech-ht.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:01 GMT
Last-Modified: Wed, 23 Mar 2022 17:51:01 GMT
Server: Apache
Etag: ad533d168d2a49089d29ea1ad9bb472e
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://fintech-ht.duckdns.org
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Mon, 22 Mar 2027 17:51:01 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377 Show response
ddata.huntingtonbank.com/fp/ Frame A49B 84 KB
13 KB 16ms
16ms Document
text/html 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8ab164e879594b3ef53027c56b4c0472ee9f500d20e20b35aade8cb693d97c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/

Response headers

Date: Wed, 23 Mar 2022 17:51:01 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame 537B 0
387 B 13ms
12ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jb=33342e6e71633f3661333132373639366b38303663676b613031333a3d63363161313e313b6135

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:01 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377 Show response
h.online-metrix.net/fp/ Frame C3B8 98 KB
14 KB 45ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

defb3d81d0dcaef7522892eaf55e3c42b42ebf73d4846c284c1384704fb84f6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/

Response headers

Date: Wed, 23 Mar 2022 17:51:01 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame 537B 0
387 B 16ms
16ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jd=353a2e2468646c3f333a246a666a3d346c3e3361323a38336367353431333b6a66606b61643b3a606537333137313626626e746c3f3232313130383130

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 537B 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377 Show response
ddata.huntingtonbank.com/fp/ Frame FCEB 84 KB
13 KB 28ms
15ms Document
text/html 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/top_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f3537ea5c3bc0953f366017019fd611516190fa400feb43e35fb175f31a6074d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/

Response headers

Date: Wed, 23 Mar 2022 17:51:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
ddata.huntingtonbank.com/fp/ Frame 537B 0
218 B 28ms
14ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&ja=313a31302424613f3024783d3024663d393e30327a333a303024636435313438307a393032322471787b3f3078322664787a3d332e333e30302e333038302e393632382e333032322c333430302e313238382c333432382c3130323224302e38266f7c3f633a3a3061606164633537646c6e64643b676938343333363f30346a39633f63246f6c3f34247163643f32342e64683f6a767c70732731432d32442d32446e6b6c766761682f6a742e667563636c6e712c6d7a672530446669736a6a6f637a662730442464703f26706e3d332e78683f353a6e32386363346a63646a653339316035313a37636730643162646a3a6436246a603d643037303965643936353f6460633367633a343862673836313e3364663530612668716d354c6b66757a2e6871603f4168706d6d6527323031312668716d7d3d4c6b6c777026687b627735416a706d6f65246c68633f3426666c6d3f3a247c7a643f47766b25304e556c636c6d756c246d637668723f3430383b643361306a65633230673e63613d3632383a3063663335373630316464343d30383336336c36656363303c64613134636e6066353031313133393663267035786c77656b665f666e6371605e64696c716d23726e7765696c5d77696c646f7f7b5f6f676661615f726e6371657056666364716723726e75656b6e5f63646f6a6d5f636170676261765c64696c716d21726477656b6c5d71776b636b76696d6d5666636e716d21706e7765616e5d7b686d6b69756374675e64636c73672170647d676b6c5d7a65616e726e6979677a5e64696e716723726c7765696e5d766c6b57706e637b6d725e64636e7b6523786c776f6b6c5d666776636e76725c6661647b6523726e7d67696c5d717e675d7e69677f67705c64636c716721706e756761665f686374695e66636e716d2665645f6135756760656e576760474c273230392630273032204f70676c454425303845512d3032302c322530324368706f6d617d6d2b55676a474c2730324f4c51442530384751273032312c32253232284f786d6e454e273a304551273038474e5b4c273a324751273030332c3025303043607a6f6f6b776529576760496174556d62496176273032556560454c414c474c4d57696c7176696e6367665d6972706979712d3140273032455a565f626e656e6c576d6b6c6f6978253140273a304750545d6b6d6e6d705d6277646665705f686964665d646e6761742731402d32324d585657646e6d63765f606e656e6625334a2d3232475a5c5f6670636557646778746a2d3140273032455a565f736a61646d7a5f76677a7c7572675d6e6764273b42273a32475a565d74677a747570655f6b676d7270677b73696d6c5d6a70766b25314a273032475a545d7665787675726d57636d6f727a6573716b6d665f706f74612d3140273032455a565f746778747d7a655d646b647465705d6366697167747067726b612731422730305747424b415c5f475a565774657a76777a655d6e696e7c67705d636c69716d74726d70696b2d33402730384558565d715a47402d33402d30324d47515f676e656d676e7457616e66677a5775696c76273b42273a304d4d515d64606d5f70676e6467725f6561706f63722d3342273032474551577376696c666370665f66677269746174617e657127314a2532324d475b5f766d78767d70675d646e6f63762533402532384745515d766d787477706757666e676176576e6b6c6763722731422530304f4d5b5f76677a7c7572675d6a696c6457666e6763762731402530324f45515f746d70747770675768616e645d6e6c6d69745d646b6c6763702531402532324f455b57766770766d785f63707069795d6762686d6176273140253032574540474c576b6f6e6d705762756464677a5f64646f637c273140273030554742474e5f636765707067717b65645d76677074777a655d69717661273142273030574742474457636d6f727a65737167665774677074777a675d67766125314025323257454a4f4c5d616d6570726771716d645d7c657a7c7770675d677461332533402532385f4540454e57636f6f72706d73716d645d7c677a767770655d7133746125334a2d323255474a4b49565d554d4245445f61676f727067717367665f746778747d7a655d71317c63253140273a30554d4245445d616d6f727267717365665f746d707477706757733376615d7b72656a25314a273032554742454e5f646762756f5772676c666d7265705d6b66666d2d33402d3032554740474e5d6465727468577c657a76777a65253140273a30554d424941565d554740474e5d6465727468577c657a76777a65253140273a30554d4245445d667063755f607766666772732d3b422730325f4542454e5d646f716d5f61676c76677a7625314025323257454a4349565d554d42474e5d6e67736757636d6676677a762733402732305545424f445f6f776e7c695f6670637f31342e676e576a3f313b3230343265356735353b3b663564636e62353263366965323d31366e6434303a633431336163247767647e3d4b6c766d6c2530324b66632c2e776564703f4b6c76656e2732304b72697b2d32324d726d6e474e273038456c6f696c6d246161663f39&jb=31373b246e733f4f6f786b6c6c6325324e3d2e3227303828576b6c666777712d3232465627303233302c322533402532385f696c34362d3342273032703636212530384372726e675767604b697625324e3d33352c313e2532322a4940544f4425304b2730326e6b6b672732304565636367292730324b68726d6f672d324431392c382c363a36362e373325323253616e69726b27304e3533352c313e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 17:51:02 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
16xsqggnbiuzcimbdph66bncajyscfqglczx4qzyf52649e9c792b96dam1.e.aa.online-metrix.net/fp/ Frame 537B 81 B
438 B 55ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://16xsqggnbiuzcimbdph66bncajyscfqglczx4qzyf52649e9c792b96dam1.e.aa.online-metrix.net/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=*;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fda...
adservice.google.com/ddm/fls/z/ Frame A855 42 B
494 B 65ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=*;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F

Requested by

Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CJezt_vl3PYCFUafhQodNh0LUg;src=10701487;type=global;cat=allpv;ord=8916910440096;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10701487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=*;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.o...
adservice.google.com/ddm/fls/z/ Frame 39D9 42 B
107 B 65ms
43ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=*;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F

Requested by

Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CN23t_vl3PYCFYdFGwodxYAGUw;src=10701487;type=global;cat=uvisit;ord=1;num=4215609791273;gtm=2od3e0;auiddc=521059906.1648057861;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10701487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/849064376/ 42 B
64 B 24ms
23ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849064376/?random=1648057861868&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dpage_view%3Bpagenameevent%3Dolb%3A%20login%3Badobeidappid%3D%7C%3Bcitystatezip%3D%3Bcustomerstatus%3D%3Bproductsowned%3D%3Bcustid%3D%3Balerts%3D&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=3488232475&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/849064376/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849064376/?random=1648057861868&cv=9&fst=1648054800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3e0&sendb=1&data=event%3Dpage_view%3Bpagenameevent%3Dolb%3A%20login%3Badobeidappid%3D%7C%3Bcitystatezip%3D%3Bcustomerstatus%3D%3Bproductsowned%3D%3Bcustid%3D%3Balerts%3D&frm=0&url=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=3488232475&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 17:51:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 5067672.js Show response
bat.bing.com/p/action/ 0
118 B 200ms
199ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5067672.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2C446A87456486FBF53CCC313D686C4 Ref B: FRAEDGE1409 Ref C: 2022-03-23T17:51:02Z
date: Wed, 23 Mar 2022 17:51:01 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
120 B 38ms
38ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=473fbc23-3825-4ee5-9d5d-15acdc1e4ba5&sid=cdf17f10aad111ec9aecc94d5a873306&vid=cdf1b640aad111eca3be0bf6ed0ca7de&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&kw=Huntington%20bank%20login,%20Huntington%20online%20banking%20login&p=https%3A%2F%2Ffintech-ht.duckdns.org%2Fdashboard%2F&r=&lt=3728&evt=pageLoad&msclkid=N&sv=1&rn=170001

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 229A167C297D4692A3F2BE01C9EDDF7A Ref B: FRAEDGE1409 Ref C: 2022-03-23T17:51:02Z
date: Wed, 23 Mar 2022 17:51:01 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=473fbc23-3825-4ee5-9d5d-15acdc1e4ba5&sid=cdf17f10aad111ec9aecc94d5a873306&vid=cdf1b640aad111eca3be0bf6ed0ca7de&vids=0&ec=Visit&ea=Online%20Banking&el=olb:%20login&ea2=Online%20Banking&el2=olb%3A%20login&evt=custom&msclkid=N&rn=807132

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 931E7C564C6E4A3588B49F849E181EF6 Ref B: FRAEDGE1409 Ref C: 2022-03-23T17:51:02Z
date: Wed, 23 Mar 2022 17:51:01 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame A49B 0
387 B 13ms
12ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jf=33342e6e71603f3037316464336364646c3a39363a613a39643332663d64633861316933366431

Requested by

Host: ddata.huntingtonbank.com
URL: https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 201 UBWwUeYUM Show response
onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/ Frame 39DB 18 B
980 B 18ms
17ms XHR
application/json 104.126.37.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/UBWwUeYUM
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/UBWwUeYUM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://onlinebanking.huntington.com
date: Wed, 23 Mar 2022 17:51:02 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18
vary: Origin
content-type: application/json

GET
H/1.1 204
204 clear1.png;CIS3SID=E600E25A94F16105115E5EBDF3DCB377
ddata.huntingtonbank.com/fp/ Frame 537B 0
400 B 15ms
14ms Image
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ddata.huntingtonbank.com/fp/clear1.png;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jf=34333024716b665d726c663d7466725f7d644261646b5d776635714665357a46267161665d666376653f3336343a30353f303630247161645f767b726d3d756d62386d6166716324736b665f6b67793d3b38353b31323933303432353a613a3e343a6b673166323030333236303a3261303e343a61673b64303132333837323b343038323236676431356735326637346e3c383b35343936323467353a63663a35333132366432356531313034313933693d353164676e38323031603961666a62343b343760673434343264363632373c6d30323b616b35646632353837346b38613b3b3736323366343433353435373b3d323333613c32383a64663d636339373669353b33247169665d7369653d33383c3632303039303066666731623a3837313d673266666163376131616638333f39393733323d34316135316931343937603e36303b606335346161333431623f3965373b343c333732303039303269656431663a666034343a3333653763363a3f35343366313135373a373f31673b30673c356760353731303364326138373a3e643236306d63323761353134362e736b6e703f32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=E600E25A94F16105115E5EBDF3DCB377
h.online-metrix.net/fp/ Frame C3B8 0
400 B 15ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jf=34333c24716b665d726c663d7466725f496259513154476c514f466749624842267161665d666376653f3336343a30353f303630247161645f767b726d3d756d62386d6166716324736b665f6b67793d3b38353b31323933303432353a613a3e343a6b673166323030333236303a3261303e343a61673b64303132333837323b343038323236366438613762633538666a31316036366b39386433363a65333b61373c61313161366163673139643634313e613b35613133326466633165673d35673c3a3a3261376135363338336632393a66343b63383333363a343e39356964673e3367603434623b6032353636383d3a3937633469663832343a30373b6e34663c3a6130247169665d7369653d33383c343230303835626632336e65333134326d33303063356664346632356134303b363436676c32636360326a33603b613730373564633434373639626662386a3d643263633f30323032333d31333c36316b666730353439306132643a63396939636463353f313161353b3d35323e37363d3361663b3538663565633a34643f3032333b363962396361247b69647a3d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=E600E25A94F16105115E5EBDF3DCB377?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame 537B 0
387 B 13ms
13ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=1f926c22e275430d8947c384a26f91c9&nonce=f52649e9c792b96d&jac=1&je=31343b2424726f3f79677126626374737c357b206e677e656c2038332630322422717c63767771203a20616861706769666f227f24637d64683f61633f623b6d36673e3a336161636334643261356331313a393134313c366237613139373b3e62366c3a6666363a36323233386465346e38336461663034353b246770333f6a373338366033303b333a3b64343536333b6b633637343938366731306e65613e62643136333567

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fintech-ht.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 17:51:02 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.huntington.com
URL: https://www.huntington.com/generic?sc_site=ROL

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
me.everfica.com/	1970-01-20 01:47:45	Name: XSRF-TOKEN Value: eyJpdiI6IkplbHZOY3MwZUpEcy9INGRHTDlqWUE9PSIsInZhbHVlIjoiaWVWNzUyaExRbjVvMkxCQWNEVFExNEcrNGEwS1Y5ZUdLbkwvcS9WdnRITWE3VEIxN29aYjRJdUFVZjQ1Nno4Q21XTkJQS0tQUmJCTVBPMzJFdldLbFU3ejBRMFRUdmYvYmphb0tvLzhPVGNZM2tDaklHaGtxdm12aUN6QmlCbVYiLCJtYWMiOiJhOWRjNWMzMDRiMjBmYmY3N2NmOWRkM2E4NGE3YjBjYjc0MDAyNDBmOTgwZjEyMmI5MDc4NDExN2IxNjQ2MDNiIn0%3D
me.everfica.com/	1970-01-20 01:47:45	Name: laravel_session Value: eyJpdiI6IkZTWmJNd3pobWJLbU1oWFZ3RkFyYVE9PSIsInZhbHVlIjoieG1LMzZKM2RPWDJ6N0UrK1p6Z0JzNnB6Q1VPMmo5T2hPTFNXalphME03alloeEozQXNrTTluTjd6cllaQW84VFlUalpHVEUxZGRQdDFwQlhwUktTN00rQSs1WEdBdHFqdnhEenoyUTF4aHh1Z09aMGZxVCtUdnJvVGNTSjZFa2kiLCJtYWMiOiJlN2U1MzM3ODYzOTdkMTI2YmNmYjUwZTg0YzkwZGZlOTZkMjMyMzJjODBkMTE1NjMxZjljN2UxZjI1OGEyYzFlIn0%3D
ddata.huntingtonbank.com/	1970-01-21 20:59:37	Name: thx_guid Value: 27ca0937a17146dfa1c031b558553880
.bing.com/	1970-01-20 11:09:13	Name: MUID Value: 301C3D2C371D63781E162C5C36766272
.fintech-ht.duckdns.org/	1970-01-20 10:33:13	Name: rkglsid Value: h-ac0684ac86e9ed63735afa1517fb7e74_t-1648057861
fintech-ht.duckdns.org/	1970-01-20 03:57:13	Name: 65343 Value:
.fintech-ht.duckdns.org/	1970-01-20 03:57:13	Name: _gcl_au Value: 1.1.521059906.1648057861
.yahoo.com/	1970-01-20 10:33:35	Name: A3 Value: d=AQABBAVeO2ICEKxIHMhuNTOoMmwrk39swlwFEgEBAQGvPGJFYgAAAAAA_eMAAA&S=AQAAAmW_zmyVx_aNxUvXqZvNBhg
.doubleclick.net/	1970-01-20 11:09:13	Name: IDE Value: AHWqTUnbDAG_bzO7tI-LahUqDjm3-6Z7Ecwr_ZilFG1BjLeQzPRSKzyEF-bQejAO
.facebook.com/	1970-01-20 03:57:13	Name: fr Value: 0qLJ1FOMXSCtfHlnL..BiO14F...1.0.BiO14F.
.fintech-ht.duckdns.org/	1970-01-20 01:49:04	Name: _uetsid Value: cdf17f10aad111ec9aecc94d5a873306
.fintech-ht.duckdns.org/	1970-01-20 11:09:13	Name: _uetvid Value: cdf1b640aad111eca3be0bf6ed0ca7de

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fintech-ht.duckdns.org/rol/Styles/Structure/960/reset.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fintech-ht.duckdns.org/rol/Script/jquery.autotab.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fintech-ht.duckdns.org/rol/WebResource.axd?d=KAutdTcH6alKTOWlncDH0iHQ__xOFzNke7aCWGDC2l63YcVuZ-gbUvFHEqH8q7F3WBGprILGYm-bugzBljgzMFykfYE1&t=637352834110221559 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fintech-ht.duckdns.org/rol/WebResource.axd?d=UJBIZYk7tZcvj4IFYmffqt09OUlhISSdhcduBbwyVnp-a6akR3trXAKcmbO7w4DRjTrT_SxsUCD4Nl0vuWb81_Jv1SQ1&t=637352834110221559 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://onlinebanking.huntington.com//rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://fintech-ht.duckdns.org/Scripts/hol/hol.device.registration.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fintech-ht.duckdns.org/rol/Script/jquery.cookie/jquery.cookie.latest.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fintech-ht.duckdns.org/rol/Script/AccessibleMenuBar.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fintech-ht.duckdns.org/assets/d40faf3cui2540ce0530daea07ab1c Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fintech-ht.duckdns.org/rol/Images/hexlogo-footer-icon.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://huntington-bank.demdex.net/dest5.html?d_nsid=0(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://onlinebanking.huntington.com') does not match the recipient window's origin ('https://fintech-ht.duckdns.org').
javascript	error	URL: https://fintech-ht.duckdns.org/dashboard/ Message: Access to XMLHttpRequest at 'https://www.huntington.com/generic?sc_site=ROL' from origin 'https://fintech-ht.duckdns.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/generic?sc_site=ROL Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/UBWwUeYUM Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript	warning	URL: https://onlinebanking.huntington.com/1Qkfvj6YSXouY-bJMQ/LuO3fmSNuV5m/MHNfInI/b3/UBWwUeYUM Message: The devicemotion events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle(Line 40) Message: Unrecognized feature: 'attribution-reporting'.
javascript	error	URL: https://fintech-ht.duckdns.org/dashboard/ Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://fintech-ht.duckdns.org' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10701487.fls.doubleclick.net
16xsqggnbiuzcimbdph66bncajyscfqglczx4qzyf52649e9c792b96dam1.e.aa.online-metrix.net
adservice.google.com
bat.bing.com
ddata.huntingtonbank.com
ensighten.huntingtonbank.com
fintech-ht.duckdns.org
ghbmnnjooekpmoecnnnilnnbdlolhkhi
googleads.g.doubleclick.net
h.online-metrix.net
huntington-bank.demdex.net
huntingtonbank.inq.com
insight.adsrvr.org
me.everfica.com
media-lax1.inq.com
media-us1.digital.nuance.com
onlinebanking.huntington.com
s.yimg.com
smetrics.huntington.com
sp.analytics.yahoo.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.huntington.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
www.huntington.com
104.126.37.161
104.126.37.162
13.36.218.177
142.250.185.166
142.250.186.98
15.197.193.217
198.54.115.96
20.25.50.14
212.82.100.181
2620:1ec:27::cafe:1799
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2002
2a00:1450:4001:830::2002
2a03:2880:f12d:83:face:b00c:0:25de
3.124.119.57
34.253.74.200
35.186.193.174
52.189.67.17
91.235.132.130
91.235.132.141
91.235.134.131
00359d552170386e0f9dc362a2a48ad8da908f6263810b28eb26348073b70bee
00c5ebe48ddf235c3874ee810e253e55375421c0a86e812b9201373410d39aef
0d20d56c05fea119329fb98ab1bec673b3094000d0cbe23a4e79baf05e47fb66
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10fab1d4b1289060166431d870d4fd5c6e3fe18c579b007f17a7cc04b883d9e6
147217678b7522d6ddbdadbc6b179afcc97262381b375b8cb4bd499f143fdd81
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5
1c585b9656a451f1d02f78e848059f225dfb4f27e9be69a364da66d5ca69dd47
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8
22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e
2aa1784abd3c348217ec47ff4909a2e3aa8478fe7bd6b7d7293346fdc54f1cd3
2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc
3d9adc9e4466fb0f359d9befbacab6f674f6c32e4768d42ff4627fb9457d2934
3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd
408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
47861ff0913343dd42287b2035f76e2b49da814b179cfb31f749bccdacdb9925
47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496
497973ff290d0e2a629a67824dee6fd3e17735a6adeeb29077e9b38bbfc04a90
4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b
4f9023208f03b3566fc5f9796d8a867c51d87ac37dddc44170d197a653bddf47
5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991
662e640e767a7a700011f24d16c11ea005804fff8113518621fb8b385eb2cb2a
6a378f50b103da91a967b988e90157e64a8b51c2061c98ff6b3b55564337b0ab
70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012
715367e6f9fa169b71055f050b050f2c229a12520340412042c6d64f30bb6e24
73ea8639745c39524ef07ebeb2b9a8c604923841634ec12d9ec31a98554f63ec
75025c893251766c5ef9c2169b13d58c5538c3761a5c91e3ebd12ba30ae507cc
760fa8f3b6a53a51fce23d438181c2050a5500037c7c00b5218b3543313a69dc
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
8863784cd89b88c85cc220ad2f4f7c0035068d1709749b0b8bf6900f77656d6c
88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a
895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36
8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf
8ab164e879594b3ef53027c56b4c0472ee9f500d20e20b35aade8cb693d97c57
93e5e5ea6830e1b5ca177029fd11e531d670629b9453eb329b901f72089aba79
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19
b8bde7d7ac03f0dfcdbc0037a078f4b5a516a665ca5e17b78d72b01a220a1198
bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e
c011a56796747bda740bfcde41e2c0febf1d82580f05a593949ceed6a0d73057
c536ebb1999461caf62e8d78e55d083d30d8573f99e467f7594908482c58f6c4
cb54571f403f34991b8a06ae2146aaab100b603bd804af7bc3eb8aa5cda41846
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
db12b2adc6604867083d069c092a8e2437b3b22ec7380557cf3d350ca05034b3
defb3d81d0dcaef7522892eaf55e3c42b42ebf73d4846c284c1384704fb84f6b
e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328
e3658adb06f6e53e6d979841f2260357cd9c1bffb7c6b89e2ca60a757a9904ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8176b5dae8273dcfb1f628a81bc7e0133dc6a3b48cdf0e955c4685c25c7cb9c
eec1ee6fdbedfae675fe463c39f4c7a13fa44f237456726cb1e239bd24f4bb56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3537ea5c3bc0953f366017019fd611516190fa400feb43e35fb175f31a6074d
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200
f7dfe2a4f1e11d258bcd7d7b713fd767ac33685a421c7e3cac67105c82af8f89
fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

fintech-ht.duckdns.org Open in urlscan Pro 20.25.50.14 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

96 %HTTPS

36 %IPv6

19 Domains

26 Subdomains

25 IPs

5 Countries

1105 kBTransfer

2136 kBSize

12 Cookies

7 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

fintech-ht.duckdns.org Open in urlscan Pro
20.25.50.14 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

96 %
HTTPS

36 %
IPv6

19
Domains

26
Subdomains

25
IPs

5
Countries

1105 kB
Transfer

2136 kB
Size

12
Cookies

119 HTTP transactions
0 data transactions