salesauto-645i.ddns.net Open in urlscan Pro
13.68.189.91 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://salesauto-645i.ddns.net/
Submission: On December 23 via manual (December 23rd 2021, 4:28:18 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 16 domains to perform 104 HTTP transactions. The main IP is 13.68.189.91, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is salesauto-645i.ddns.net.

This is the only time salesauto-645i.ddns.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
10	13.68.189.91 13.68.189.91	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
7	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
11	3.124.173.63 3.124.173.63	16509 (AMAZON-02) (AMAZON-02)
2 30	95.100.153.98 95.100.153.98	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	52.189.67.17 52.189.67.17	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
3	35.186.193.174 35.186.193.174	15169 (GOOGLE) (GOOGLE)
1	54.73.127.110 54.73.127.110	16509 (AMAZON-02) (AMAZON-02)
1 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:27::... 2620:1ec:27::cafe:1644	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
104	22

10 13.68.189.91 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

salesauto-645i.ddns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.124.173.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com

ensighten.huntingtonbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 95.100.153.98 (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-153-98.deploy.static.akamaitechnologies.com

onlinebanking.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.189.67.17 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

huntingtonbank.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.193.174 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 174.193.186.35.bc.googleusercontent.com

media-lax1.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.127.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-127-110.eu-west-1.compute.amazonaws.com

huntington-bank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

metrics.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1644 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

10701487.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	huntington.com 3 redirects onlinebanking.huntington.com www.huntington.com metrics.huntington.com	188 KB
11	huntingtonbank.com ensighten.huntingtonbank.com	60 KB
10	ddns.net salesauto-645i.ddns.net	69 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net 10701487.fls.doubleclick.net	10 KB
7	google.de www.google.de adservice.google.de	2 KB
7	google.com www.google.com adservice.google.com	2 KB
7	bing.com bat.bing.com	22 KB
7	googletagmanager.com www.googletagmanager.com	261 KB
6	inq.com huntingtonbank.inq.com media-lax1.inq.com	430 KB
4	yahoo.com sp.analytics.yahoo.com	1 KB
2	facebook.com www.facebook.com	396 B
2	adsrvr.org 1 redirects insight.adsrvr.org	430 B
2	googleadservices.com www.googleadservices.com	29 KB
1	nuance.com media-us1.digital.nuance.com	7 KB
1	demdex.net huntington-bank.demdex.net	3 KB
1	yimg.com s.yimg.com	6 KB
104	16

	Domain	Requested by
23	onlinebanking.huntington.com	1 redirects salesauto-645i.ddns.net onlinebanking.huntington.com
11	ensighten.huntingtonbank.com	salesauto-645i.ddns.net onlinebanking.huntington.com
10	salesauto-645i.ddns.net	salesauto-645i.ddns.net onlinebanking.huntington.com
7	www.huntington.com	1 redirects salesauto-645i.ddns.net onlinebanking.huntington.com
7	bat.bing.com	salesauto-645i.ddns.net bat.bing.com
7	www.googletagmanager.com	salesauto-645i.ddns.net
5	www.google.de	salesauto-645i.ddns.net
5	www.google.com	salesauto-645i.ddns.net
5	googleads.g.doubleclick.net	salesauto-645i.ddns.net www.googleadservices.com
4	10701487.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	sp.analytics.yahoo.com	salesauto-645i.ddns.net
3	media-lax1.inq.com	salesauto-645i.ddns.net
3	huntingtonbank.inq.com	salesauto-645i.ddns.net onlinebanking.huntington.com
2	adservice.google.de	adservice.google.com
2	adservice.google.com	10701487.fls.doubleclick.net
2	www.facebook.com
2	metrics.huntington.com	1 redirects salesauto-645i.ddns.net
2	insight.adsrvr.org	1 redirects salesauto-645i.ddns.net
2	www.googleadservices.com	salesauto-645i.ddns.net www.googletagmanager.com
1	media-us1.digital.nuance.com	huntingtonbank.inq.com
1	huntington-bank.demdex.net	salesauto-645i.ddns.net
1	s.yimg.com	salesauto-645i.ddns.net
104	22

This site contains links to these domains. Also see Links.

Domain
www.huntington.com
selfservice.huntington.com

Subject Issuer	Validity	Valid
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-20` - `2022-02-09`	2 months	crt.sh
ensighten.huntingtonbank.com GeoTrust EV RSA CA 2018	`2020-07-10` - `2022-07-15`	2 years	crt.sh
huntington.com GeoTrust EV RSA CA 2018	`2020-07-08` - `2022-07-13`	2 years	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-10-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://salesauto-645i.ddns.net/
Frame ID: 18D2BE32B92AC8C9EFF1284E4DA74F2F
Requests: 91 HTTP requests in this frame

Frame: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Frame ID: D06C37E09EEF905973DD359CC10D6741
Requests: 6 HTTP requests in this frame

Frame: https://huntington-bank.demdex.net/dest5.html?d_nsid=0
Frame ID: DE1B9C7EF9A00F6E5B9E2295CBFC871D
Requests: 1 HTTP requests in this frame

Frame: http://10701487.fls.doubleclick.net/activityi;dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F
Frame ID: 2694724982288A20D5EDD60A0FEF21CF
Requests: 1 HTTP requests in this frame

Frame: http://10701487.fls.doubleclick.net/activityi;dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F
Frame ID: 858127DC5C0D41E1CBA3031D10B320B9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F
Frame ID: EA9DA5F7C21FB16DEE2CB4215FC805A0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F
Frame ID: 665CE695083E8ACEE48E4A9D0E5A2126
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F
Frame ID: A5D2B2C1012874C30A168C4933C80044
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F
Frame ID: 1CB9C1AD1FE01EF44DA9F2F563382599
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Huntington Online Banking Login | Huntington Chat with a bankerClose FlagSearchFAB_AskUs

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

104
Requests

65 %
HTTPS

48 %
IPv6

16
Domains

22
Subdomains

22
IPs

5
Countries

1084 kB
Transfer

1658 kB
Size

14
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.huntington.com/customer-service/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/ForgotPassword/
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/Enrollment/
Title: Enroll in Online Banking

Search URL Search Domain Scan URL

URL: https://www.huntington.com//Privacy-Security/protecting-yourself/identity-theft
Title: Identity Protection

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/how-we-protect-you/huntingtons-security-commitment
Title: Security

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/Privacy-Policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.huntington.com/personal/online-services/huntington-online-guarantee
Title: Online Guarantee

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

Request Chain 3

http://www.googletagmanager.com/gtag/js?id=DC-8085313&l=dataLayerGoogle HTTP 307
https://www.googletagmanager.com/gtag/js?id=DC-8085313&l=dataLayerGoogle

Request Chain 18

https://onlinebanking.huntington.com//rol/ensightenBootstrap.js HTTP 301
https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js

Request Chain 22

https://www.huntington.com/-/fxm/web/ HTTP 302
https://www.huntington.com/Presentation/rol-manage.js

Request Chain 61

http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle HTTP 307
https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

Request Chain 64

http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle&cx=c

Request Chain 65

http://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c

Request Chain 66

http://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayerGoogle&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayerGoogle&cx=c

Request Chain 67

http://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayerGoogle&cx=c HTTP 307
https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayerGoogle&cx=c

Request Chain 68

http://insight.adsrvr.org/track/conv/?ct=0:7bz3p7f&adv=l6jmegy&td1=olb:%20login HTTP 301
https://insight.adsrvr.org/track/conv/?ct=0:7bz3p7f&adv=l6jmegy&td1=olb:%20login

Request Chain 70

http://metrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s76396092392667?AQB=1&ndh=1&pf=1&t=23%2F11%2F2021%2016%3A28%3A13%204%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=salesauto-645i.ddns.net%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1 HTTP 302
http://metrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s76396092392667?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F11%2F2021%2016%3A28%3A13%204%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=salesauto-645i.ddns.net%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1

Request Chain 84

http://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F HTTP 302
http://10701487.fls.doubleclick.net/activityi;dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Request Chain 85

http://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F HTTP 302
http://10701487.fls.doubleclick.net/activityi;dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Request Chain 87

http://bat.bing.com/bat.js HTTP 307
https://bat.bing.com/bat.js

Request Chain 88

http://www.facebook.com/tr?id=5140493269326436&ev=PageView&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no HTTP 307
https://www.facebook.com/tr?id=5140493269326436&ev=PageView&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no

Request Chain 89

http://www.facebook.com/tr?id=121543311796381&ev=ViewContent&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no&cd[geo]= HTTP 307
https://www.facebook.com/tr?id=121543311796381&ev=ViewContent&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no&cd[geo]=

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
salesauto-645i.ddns.net/ 67 KB
67 KB 870ms
771ms Document
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: dcc30a5e69695c205365e27ad0f09f75d36f0350a8e016354c36b95e07a05ae6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 23 Dec 2021 16:28:10 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 143ms
58ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 138ms
51ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayerGoogle&cx=c

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55bf2c5c7e54452e082c3f3c8a114b39e17c1c6d1489c7fb363e1015eefeeeeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39577
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

36 KB
11 KB

57ms
33ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:11 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3023748E7A6A4DF7A08FE244B61D08A9 Ref B: FRAEDGE1408 Ref C: 2021-12-23T16:28:12Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-8085313&l=dataLayerGoogle
https://www.googletagmanager.com/gtag/js?id=DC-8085313&l=dataLayerGoogle

87 KB
35 KB

61ms
61ms

Script
application/javascript

2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-8085313&l=dataLayerGoogle

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4108fc5eb175e92fecb4d46280cc412d740ea217739526db25b131bfe9e2428d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35963
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 16:28:12 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-8085313&l=dataLayerGoogle
Non-Authoritative-Reason: HSTS

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 72ms
22ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 23 Dec 2021 15:44:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2614
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5652
x-amz-id-2: oaBZBiEqv7Ln4t9k3Jhchui0IIrsNvcvJonEJ21WiQveTpVKUBbVEBEp8i9erU3yHWmyPbroA94=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 10 Dec 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 04 Nov 2021 15:26:13 GMT
server: ATS
etag: "146f99405588b7446958a732612c901d-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: D3NW07S9558CVQQC
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pCmRUUjnQE9zqMEfVdrNnyYpaPAyW8Do
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 ac66aa74326a8fa0e24180b6db457f6d.js Show response
ensighten.huntingtonbank.com/huntington/olb/code/ 24 B
238 B 8ms
8ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/code/ac66aa74326a8fa0e24180b6db457f6d.js?conditionId0=422774
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
last-modified: Thu, 05 Apr 2012 12:15:43 GMT
server: nginx
etag: "4f7d8cef-18"
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 24
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 serverComponent.php Show response
ensighten.huntingtonbank.com/huntington/olb/ 315 B
403 B 124ms
22ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/serverComponent.php?r=82.41776782117654&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/olb/code/&publishedOn=Thu%20Oct%2001%2019:28:25%20GMT%202020&ClientID=1035&PageID=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bf4f4acbd47a613cf6c5df826fc51221c89919047cbaf8fb3c0387b22d6032f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:11 GMT
cache-control: no-cache, no-store
content-type: text/javascript
server: nginx
content-encoding: gzip
vary: Accept-Encoding
expires: Thu, 23 Dec 2021 16:28:10 GMT

GET
H2 200 ruxitagentjs_ICA2SVfqrux_10199200831173248.js Show response
onlinebanking.huntington.com//rol/Common/scripts/ 208 KB
80 KB 392ms
134ms Script
text/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

017cdaac86d3555f5f1b11148921f2b3917804949d3a4e0a50f506b2e324448f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff;
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
p3p: CP="NON CUR OTPi OUR NOR UNI"
cache-control: max-age=0, no-cache, no-store
x-ua-compatible: IE=edge
content-type: text/javascript; charset=utf-8
content-length: 81050
format-detection: telephone=no
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H/1.1 404
Not Found reset.css
salesauto-645i.ddns.net/rol/Styles/Structure/960/ 0
0 182ms
91ms Stylesheet
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rol/Styles/Structure/960/reset.css
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 text.css
onlinebanking.huntington.com//rol/Styles/Structure/960/ 1 KB
916 B 389ms
132ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Structure/960/text.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="664234563"
content-length: 529
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 960_16_col.css
onlinebanking.huntington.com//rol/Styles/Structure/960/ 4 KB
1 KB 389ms
132ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Structure/960/960_16_col.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1579931314"
content-length: 821
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 huntington-rol.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 57 KB
12 KB 1289ms
1033ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="1"
content-length: 11576
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:12 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H2 200 propertyClasses.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 598 B
966 B 389ms
132ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/propertyClasses.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-735132902"
content-length: 598
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 widgets.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 12 KB
3 KB 405ms
148ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/widgets.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1171897131"
content-length: 2435
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 NavBar.css
onlinebanking.huntington.com//rol/Styles/Navigation/ 2 KB
1006 B 405ms
148ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Navigation/NavBar.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1883058156"
content-length: 618
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 jquery-ui-1.8.9.custom.css
onlinebanking.huntington.com//rol/Styles/JQueryUIThemes/custom-theme/ 59 KB
8 KB 389ms
133ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/JQueryUIThemes/custom-theme/jquery-ui-1.8.9.custom.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1148046585"
content-length: 7788
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 modal-dialog.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 1 KB
934 B 405ms
149ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/modal-dialog.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="64192038"
content-length: 548
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 hnb.aria.common.css
onlinebanking.huntington.com//rol/Styles/ 574 B
942 B 389ms
133ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/hnb.aria.common.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-1969197620"
content-length: 574
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2

200

Bootstrap.js Show response
ensighten.huntingtonbank.com/huntington/olb/
Redirect Chain

https://onlinebanking.huntington.com//rol/ensightenBootstrap.js
https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js

59 KB
17 KB

17ms
17ms

Script
application/javascript

3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4f9023208f03b3566fc5f9796d8a867c51d87ac37dddc44170d197a653bddf47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
content-encoding: gzip
last-modified: Sun, 26 Sep 2021 05:26:13 GMT
server: nginx
etag: W/"61500475-ed93"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
x-permitted-cross-domain-policies: none
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-old-content-length: 187
server-timing: dtSInfo;desc="1"
content-length: 187
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: Microsoft-IIS/10.0
format-detection: telephone=no
date: Thu, 23 Dec 2021 16:28:12 GMT
x-frame-options: sameorigin
content-type: text/html; charset=UTF-8
location: https://ensighten.huntingtonbank.com/huntington/olb/Bootstrap.js
cache-control: max-age=0, no-cache, no-store
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H2 200 Auth.css
onlinebanking.huntington.com//rol/Styles/Presentation/Auth/ 6 KB
2 KB 405ms
149ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/Auth/Auth.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1371074868"
content-length: 1800
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 jquery.cookie.js Show response
onlinebanking.huntington.com//rol/Script/jquery.cookie/ 2 KB
1 KB 405ms
149ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Script/jquery.cookie/jquery.cookie.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-2116987360"
content-length: 703
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2 200 json2.min.js Show response
onlinebanking.huntington.com//rol/Script/Ajax/ 17 KB
6 KB 411ms
155ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Script/Ajax/json2.min.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

147217678b7522d6ddbdadbc6b179afcc97262381b375b8cb4bd499f143fdd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="412686207"
content-length: 5455
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H2

200

rol-manage.js Show response
www.huntington.com/Presentation/
Redirect Chain

https://www.huntington.com/-/fxm/web/
https://www.huntington.com/Presentation/rol-manage.js

1 KB
1 KB

12ms
12ms

Script
application/javascript

95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/rol-manage.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

93e5e5ea6830e1b5ca177029fd11e531d670629b9453eb329b901f72089aba79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="1752730031"
content-length: 599
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 19:14:24 GMT
x-frame-options: sameorigin
date: Thu, 23 Dec 2021 16:28:12 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1561122
etag: "0e8102c67d6d71:0"
accept-ranges: bytes
expires: Mon, 10 Jan 2022 18:06:54 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: master-only
x-ruxit-js-agent: true
date: Thu, 23 Dec 2021 16:28:12 GMT
x-frame-options: sameorigin
p3p: CP="NON CUR OTPi OUR NOR UNI"
location: https://www.huntington.com:443/Presentation/rol-manage.js
x-oneagent-js-injection: true
x-xss-protection: 1; mode=block
server-timing: dtSInfo;desc="1"
content-type: text/html; charset=UTF-8
content-length: 180
x-content-type-options: nosniff
x-ua-compatible: IE=edge

GET
H2 200 chat-fab.js Show response
www.huntington.com/Presentation/Scripts/ 19 KB
7 KB 338ms
83ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="16412880"
content-length: 7010
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 19:18:58 GMT
x-frame-options: sameorigin
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1550686
etag: "0fd61cf67d6d71:0"
accept-ranges: bytes
expires: Mon, 10 Jan 2022 15:12:57 GMT

GET
H2 200 site-survey.min.js Show response
www.huntington.com/Presentation/Scripts/ 7 KB
3 KB 334ms
79ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="1948025864"
content-length: 3053
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 19:18:58 GMT
x-frame-options: sameorigin
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1550251
etag: "0fd61cf67d6d71:0"
accept-ranges: bytes
expires: Mon, 10 Jan 2022 15:05:42 GMT

GET
H2 200 inqChatLaunch10006663.js Show response
huntingtonbank.inq.com/chatskins/launch/ 5 KB
2 KB 649ms
124ms Script
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

14b3eae5b73c8a952f11d4e096dd0e5b9295d8fd141ded5efc06d4e1eff9f892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
etag: "GGTyXaYlCyL"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
last-modified: Wed, 22 Dec 2021 07:05:19 GMT
accept-ranges: bytes
content-length: 1963
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 17:28:11 GMT

GET
H2 200 site-survey.min.css
www.huntington.com/Presentation/Styles/ 4 KB
2 KB 332ms
77ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="522358971"
content-length: 1249
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 19:18:58 GMT
x-frame-options: sameorigin
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1550259
etag: "0fd61cf67d6d71:0"
accept-ranges: bytes
expires: Mon, 10 Jan 2022 15:05:50 GMT

GET
H2 200 oo_engine.min.js Show response
www.huntington.com/Presentation/Scripts/ 45 KB
15 KB 333ms
78ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1856506331"
content-length: 14478
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 19:18:58 GMT
x-frame-options: sameorigin
date: Thu, 23 Dec 2021 16:28:11 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1550111
etag: "0fd61cf67d6d71:0"
accept-ranges: bytes
expires: Mon, 10 Jan 2022 15:03:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/ 2 KB
2 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1606808232179&cv=9&fst=1606808232179&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=300&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dff8b6de95a71678a3bb59eafabcdb7b9b1afa7f3c1e3f3959adb854b3fb8398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 404
Not Found WebResource.axd
salesauto-645i.ddns.net/rol/ 0
0 182ms
92ms Script
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=KAutdTcH6alKTOWlncDH0iHQ__xOFzNke7aCWGDC2l63YcVuZ-gbUvFHEqH8q7F3WBGprILGYm-bugzBljgzMFykfYE1&t=637352834110221559
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found WebResource.axd
salesauto-645i.ddns.net/rol/ 0
0 181ms
90ms Script
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=UJBIZYk7tZcvj4IFYmffqt09OUlhISSdhcduBbwyVnp-a6akR3trXAKcmbO7w4DRjTrT_SxsUCD4Nl0vuWb81_Jv1SQ1&t=637352834110221559
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
672 B 128ms
39ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2001%20Dec%202020%2007%3A37%3A11%20GMT&n=-5&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&enc=UTF-8&tagmgr=gtm%2Censighten

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 0
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
275 B 125ms
51ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&enc=UTF-8&et=custom&ec=Visit&ea=Online%20Banking&el=olb%3A%20login&tagmgr=gtm%2Censighten

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 0
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H/1.1 404
Not Found reset.css
salesauto-645i.ddns.net/rol/Styles/Structure/960/ 0
0 91ms
90ms Stylesheet
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rol/Styles/Structure/960/reset.css
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:11 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 huntington-rol-print.css
onlinebanking.huntington.com//rol/Styles/Presentation/ 8 KB
3 KB 18ms
17ms Stylesheet
text/css 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol-print.css

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-2045209542"
content-length: 2198
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:12 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/849064376/ 42 B
548 B 141ms
53ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849064376/?random=1606808232179&cv=9&fst=1606806000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=300&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=3422836163&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/849064376/ 42 B
548 B 141ms
55ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849064376/?random=1606808232179&cv=9&fst=1606806000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=900&u_w=1600&u_ah=860&u_aw=1600&u_cd=24&u_his=2&u_tz=300&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=3422836163&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 InqFramework.js
media-lax1.inq.com/media/launch/ci/ 0
290 KB 168ms
121ms Other
application/javascript 35.186.193.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://media-lax1.inq.com/media/launch/ci/InqFramework.js?codeVersion=1605769067137
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.174 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.193.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 00:24:18 GMT
server: nginx
etag: W/"61774ab2-16203a"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=3600, public
alt-svc: clear
expires: Thu, 23 Dec 2021 17:28:12 GMT

GET
H2 200 pre-acif.js
huntingtonbank.inq.com/tagserver/acif/ 0
556 B 122ms
121ms Other
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
etag: "CZNYrMxQHjq"
strict-transport-security: max-age=31536000; includeSubDomains
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
cache-control: max-age=3600
last-modified: Wed, 22 Dec 2021 07:03:42 GMT
accept-ranges: bytes
content-type: application/javascript
vary: Accept-Encoding
content-length: 139
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-lax1.inq.com/media/launch/acif/ 0
132 KB 189ms
142ms Other
application/javascript 35.186.193.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://media-lax1.inq.com/media/launch/acif/acif.js
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.174 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.193.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 09:42:14 GMT
server: nginx
etag: W/"6177cd76-5c039"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=3600, public
alt-svc: clear
expires: Thu, 23 Dec 2021 17:28:12 GMT

GET
H2 200 acif-configs.js
media-lax1.inq.com/media/sites/10006663/assets/automatons/ 0
4 KB 188ms
141ms Other
application/javascript 35.186.193.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://media-lax1.inq.com/media/sites/10006663/assets/automatons/acif-configs.js
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.174 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.193.186.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
content-encoding: gzip
last-modified: Thu, 08 Jul 2021 22:00:28 GMT
server: nginx
etag: W/"60e7757c-30c0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 google
cache-control: max-age=3600, public
alt-svc: clear
expires: Thu, 23 Dec 2021 17:28:12 GMT

GET
H/1.1 404
Not Found WebResource.axd
salesauto-645i.ddns.net/rol/ 0
0 91ms
91ms Script
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=KAutdTcH6alKTOWlncDH0iHQ__xOFzNke7aCWGDC2l63YcVuZ-gbUvFHEqH8q7F3WBGprILGYm-bugzBljgzMFykfYE1&t=637352834110221559
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 background-960.jpg
onlinebanking.huntington.com//rol/Images/UI/ 3 KB
3 KB 16ms
15ms Image
image/jpeg 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com//rol/Images/UI/background-960.jpg

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com//rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1717443564"
content-length: 2997
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:12 GMT
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H/1.1 404
Not Found WebResource.axd
salesauto-645i.ddns.net/rol/ 0
0 91ms
90ms Script
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=UJBIZYk7tZcvj4IFYmffqt09OUlhISSdhcduBbwyVnp-a6akR3trXAKcmbO7w4DRjTrT_SxsUCD4Nl0vuWb81_Jv1SQ1&t=637352834110221559
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 nuanceChat.html Show response
onlinebanking.huntington.com/nuance/ Frame D06C 449 B
2 KB 405ms
404ms Document
text/html 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: BigIP /
Resource Hash: 033089e6e3983bbf4dfbf896d0456a378e2482fa2899f6fb81a5af9dbb6d43d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/

Response headers

content-type: text/html
server: BigIP
x-akamai-transformed: 9 338 0 pmb=mTOE,1
vary: Accept-Encoding
content-encoding: gzip
date: Thu, 23 Dec 2021 16:28:13 GMT
content-length: 317

GET
H/1.1 200
OK dest5.html Show response
huntington-bank.demdex.net/ Frame DE1B 7 KB
3 KB 129ms
28ms Document
text/html 54.73.127.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://huntington-bank.demdex.net/dest5.html?d_nsid=0

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.73.127.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-73-127-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 23 Dec 2021 16:28:13 GMT
DCS: dcs-prod-irl1-1-v026-00b8ba9f8.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Dec 2021 14:08:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: XpGZHHhyQrA=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 oo_icon_retina_black.gif
www.huntington.com/Presentation/onlineopinionV5/ 552 B
996 B 12ms
12ms Image
image/gif 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Resource Hash

15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="283692282"
content-length: 552
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 19:18:58 GMT
date: Thu, 23 Dec 2021 16:28:12 GMT
x-frame-options: sameorigin
content-type: image/gif
cache-control: public, max-age=1550075
etag: "0fd61cf67d6d71:0"
accept-ranges: bytes
expires: Mon, 10 Jan 2022 15:02:47 GMT

GET
H2 200 logo-lg.png
onlinebanking.huntington.com/rol/Images/UI/ 3 KB
3 KB 29ms
28ms Image
image/png 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/Images/UI/logo-lg.png

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="905189538"
content-length: 2560
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:12 GMT
content-type: image/png
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H2 200 lock.gif
onlinebanking.huntington.com/rol/images/ 870 B
1 KB 32ms
32ms Image
image/gif 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/images/lock.gif

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="608489002"
content-length: 870
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:12 GMT
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H/1.1 404
Not Found hexlogo-footer-icon.png
salesauto-645i.ddns.net/rol/Images/ 315 B
315 B 91ms
91ms Image
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://salesauto-645i.ddns.net/rol/Images/hexlogo-footer-icon.png
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 204 0
bat.bing.com/action/ 0
173 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=a22afb1c-2cbd-48e5-8daf-f398868c45ba&sid=f87b817033a711eb9f3641cc7a5eb32b&vid=f87bd27033a711ebb3448ba76a811b56&vids=0&pi=-1220250698&lg=en-US&sw=1600&sh=900&sc=24&tl=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&kw=Huntington%20bank%20login,%20Huntington%20online%20banking%20login&p=https%3A%2F%2Fonlinebanking.huntington.com%2Frol%2FAuth%2Flogin.aspx&r=&lt=3276&evt=pageLoad&msclkid=N&sv=1&rn=561081
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4D8C219044AA4BF2B4D6DE9A9885BA66 Ref B: FRAEDGE1408 Ref C: 2021-12-23T16:28:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
95 B 34ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=a22afb1c-2cbd-48e5-8daf-f398868c45ba&sid=f87b817033a711eb9f3641cc7a5eb32b&vid=f87bd27033a711ebb3448ba76a811b56&vids=0&ec=Visit&ea=Online%20Banking&el=olb:%20login&ea2=Online%20Banking&el2=olb%3A%20login&evt=custom&msclkid=N&rn=855127
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C8D6A15722F14F2D9A3DAC4B9EA15431 Ref B: FRAEDGE1408 Ref C: 2021-12-23T16:28:12Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK serverComponent.php Show response
ensighten.huntingtonbank.com/huntington/olb/ 314 B
545 B 18ms
10ms Script
text/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ensighten.huntingtonbank.com/huntington/olb/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/olb/code/&publishedOn=Sun%20Sep%2026%2005:26:13%20GMT%202021&ClientID=1035&PageID=http%3A%2F%2Fsalesauto-645i.ddns.net%2F
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/ensightenBootstrap.js
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9372f642dba322df13d71e7cc18df7261a05ff66912353347a5a69c1d41d1fe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H/1.1 200
OK 7464ba092fd2c071957ea33d43e461b0.js Show response
ensighten.huntingtonbank.com/huntington/olb/code/ 125 KB
41 KB 15ms
15ms Script
application/javascript 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ensighten.huntingtonbank.com/huntington/olb/code/7464ba092fd2c071957ea33d43e461b0.js?conditionId0=422774
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/ensightenBootstrap.js
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3658adb06f6e53e6d979841f2260357cd9c1bffb7c6b89e2ca60a757a9904ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Sep 2021 05:26:13 GMT
Server: nginx
ETag: W/"61500475-1f23a"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
cache-control: max-age=315360000
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 204
No Content e.gif
ensighten.huntingtonbank.com/error/ 0
193 B 12ms
8ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27subProducts%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Products%20as%20JSON%2C%20ID%3A52332.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H/1.1 204
No Content e.gif
ensighten.huntingtonbank.com/error/ 0
193 B 17ms
9ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27address%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Location%2C%20ID%3A52096.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H/1.1 204
No Content e.gif
ensighten.huntingtonbank.com/error/ 0
193 B 16ms
9ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27idHash%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Id%20Hash%2C%20ID%3A52100.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Thu, 23 Dec 2021 16:28:11 GMT

GET
H/1.1 204
No Content e.gif
ensighten.huntingtonbank.com/error/ 0
193 B 225ms
216ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27subProducts%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Products%2C%20ID%3A52098.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:13 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H/1.1 204
No Content e.gif
ensighten.huntingtonbank.com/error/ 0
193 B 17ms
8ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27split%27)%22%20error%20caught%20in%20Data%20Definition%20transformer%3A%20OLB%20-%20Products%20as%20JSON%2C%20ID%2052332.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=-1&did=-1&errorName=DataDefinitionException
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:12 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Thu, 23 Dec 2021 16:28:11 GMT

GET generic
www.huntington.com/ 0
0

GET
H2 200 background-960.jpg
onlinebanking.huntington.com//rol/Images/UI/ 3 KB
3 KB 13ms
12ms Image
image/jpeg 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com//rol/Images/UI/background-960.jpg

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-100-153-98.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1717443564"
content-length: 2997
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Thu, 23 Dec 2021 16:28:12 GMT
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle
https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

87 KB
35 KB

51ms
51ms

Script
application/javascript

2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98b51de82ae6a8150a94348c538b496fbe9ec1435b66997cb9576bc17fad6785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35969
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 16:28:13 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle
Non-Authoritative-Reason: HSTS

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
385 B 106ms
106ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2023%20Dec%202021%2016%3A28%3A12%20GMT&n=0&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&enc=UTF-8&yv=1.10.2&tagmgr=gtm%2Censighten

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Dec 2021 16:28:13 GMT

GET
H/1.1 204
No Content e.gif
ensighten.huntingtonbank.com/error/ 0
193 B 10ms
10ms Image
text/plain 3.124.173.63
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ensighten.huntingtonbank.com/error/e.gif?msg=%22TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27segment%27)%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20OLB%20-%20Segment%2C%20ID%3A52097.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=olb&rid=3594053&did=353147&errorName=DataDefinitionException
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: HTTP/1.1
Server: 3.124.173.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-173-63.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Thu, 23 Dec 2021 16:28:13 GMT
Cache-Control: no-cache, no-store
Server: nginx
Connection: keep-alive
Expires: Thu, 23 Dec 2021 16:28:12 GMT

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle&cx=c
https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle&cx=c

87 KB
35 KB

49ms
49ms

Script
application/javascript

2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle&cx=c

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1dabab554f935eef34a9043f4492e910aa71da568928d98b267571230505142

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35962
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 16:28:13 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c

98 KB
39 KB

86ms
86ms

Script
application/javascript

2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81916266a4d7a0d18c5062ce67c61895fda84a0d2ac11eb060dd461f8394c034

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39704
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 16:28:13 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayerGoogle&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayerGoogle&cx=c

97 KB
39 KB

75ms
74ms

Script
application/javascript

2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayerGoogle&cx=c

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

00d91c71c02b87f76f1f399616544a82021813f59f257b85679ec97d9282196b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39576
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 16:28:13 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayerGoogle&cx=c
Non-Authoritative-Reason: HSTS

GET
H3

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayerGoogle&cx=c
https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayerGoogle&cx=c

97 KB
39 KB

63ms
63ms

Script
application/javascript

2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayerGoogle&cx=c

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

798849a1b24f1c622ac52837cf349a5e984ca84addf240523f92a236c59c6d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39610
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Dec 2021 16:28:13 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayerGoogle&cx=c
Non-Authoritative-Reason: HSTS

GET
H2

200

/
insight.adsrvr.org/track/conv/
Redirect Chain

http://insight.adsrvr.org/track/conv/?ct=0:7bz3p7f&adv=l6jmegy&td1=olb:%20login
https://insight.adsrvr.org/track/conv/?ct=0:7bz3p7f&adv=l6jmegy&td1=olb:%20login

0
173 B

100ms
33ms

Image
text/plain

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?ct=0:7bz3p7f&adv=l6jmegy&td1=olb:%20login
Requested by: Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://insight.adsrvr.org:443/track/conv/?ct=0:7bz3p7f&adv=l6jmegy&td1=olb:%20login
Date: Thu, 23 Dec 2021 16:28:13 GMT
Server: awselb/2.0
Connection: keep-alive
Content-Length: 134
Content-Type: text/html

GET
H/1.1 200
OK conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 85ms
47ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayerGoogle&cx=c

Protocol

HTTP/1.1

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 23 Dec 2021 16:28:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12503521247758841375
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 14328
X-XSS-Protection: 0
Expires: Thu, 23 Dec 2021 16:28:13 GMT

GET
H/1.1

200
OK

s76396092392667
metrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/
Redirect Chain

http://metrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s76396092392667?AQB=1&ndh=1&pf=1&t=23%2F11%2F2021%2016%3A28%3A13%204%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=htt...
http://metrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s76396092392667?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F11%2F2021%2016%3A28%3A13%204%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20l...

43 B
599 B

236ms
236ms

Image
image/gif

15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://metrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s76396092392667?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F11%2F2021%2016%3A28%3A13%204%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=salesauto-645i.ddns.net%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

HTTP/1.1

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 24 Dec 2021 16:28:13 GMT
server: jag
xserver: anedge-675dccd488-l9jz5
etag: 3522467807374278656-4619760140627760105
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 22 Dec 2021 16:28:13 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 24 Dec 2021 16:28:13 GMT
server: jag
access-control-allow-origin: *
xserver: anedge-675dccd488-tjcc5
x-c: main-1548.I52ef9e.M0-537
p3p: CP="This is not a P3P policy"
location: http://metrics.huntington.com/b/ss/huntingtonhuntingtonprod/1/JS-2.10.0/s76396092392667?AQB=1&pccr=true&ndh=1&pf=1&t=23%2F11%2F2021%2016%3A28%3A13%204%200&ce=UTF-8&ns=huntington&pageName=olb%3A%20login&g=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&ch=olb&events=event183&c1=olb%3A%20login&c2=olb%3A%20login&c3=olb%3A%20login&v3=typed%2Fbookmarked&c4=olb%3A%20login&v5=olb%3A%20login&v6=olb&c7=salesauto-645i.ddns.net%2F&c15=not%20authenticated&v17=regular&c23=olb%3A%20login&c24=not%20authenticated%3Aolb%3A%20login&c32=olb%3A%20login&c34=2.10.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: text/plain;charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
expires: Wed, 22 Dec 2021 16:28:13 GMT

GET
H2 200 inqChatLaunch10006663.js Show response
huntingtonbank.inq.com/chatskins/launch/ Frame D06C 5 KB
2 KB 122ms
122ms Script
application/javascript 52.189.67.17
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

14b3eae5b73c8a952f11d4e096dd0e5b9295d8fd141ded5efc06d4e1eff9f892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
etag: "GGTyXaYlCyL"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
last-modified: Wed, 22 Dec 2021 07:05:19 GMT
accept-ranges: bytes
content-length: 1963
x-xss-protection: 1; mode=block
expires: Thu, 23 Dec 2021 17:28:13 GMT

GET
H2 200 cJC8B Show response
onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/ Frame D06C 77 KB
20 KB 19ms
19ms Script
application/javascript 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/cJC8B
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: gzip
last-modified: Mon, 26 Apr 2021 16:10:06 GMT
etag: "d1dbb955755ca44a0b872a64f97c471a45b14e941f69d082c19f792576ae34fb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 19642
expires: Thu, 23 Dec 2021 16:28:13 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/ 2 KB
1 KB 151ms
104ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1640276893352&cv=9&fst=1640276893352&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dc9532adafcd34a6b8b5b492803900a3049750d8127223019a6714d19b35b07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/ 2 KB
1 KB 96ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1640276893356&cv=9&fst=1640276893356&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899c23b030315a24373f8a4506dd4f5e6524597d1b03c0f2eb3349b2860dab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1054
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/ 2 KB
1 KB 91ms
54ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1640276893360&cv=9&fst=1640276893360&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: http://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51ddee29640557189728fd7b39f3d757fc0d632c3be332519a8ed91d584d9c0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 chatLoader.min.js Show response
media-us1.digital.nuance.com/media/launch/ Frame D06C 20 KB
7 KB 145ms
16ms Script
application/javascript 2620:1ec:27::cafe:1644
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1640156693637

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:27::cafe:1644 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

bb2fe0bac025d6527fceeec3133c1378d9d8fbab88c7ea904f81dae622dbc578

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
samesite: Strict
x-azure-ref-originshield: 0v6HEYQAAAAAnvqGpktTeSpywOkjUI7YlTE9OMjFFREdFMDEwNgBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
x-cache: TCP_HIT
vary: Accept-Encoding
content-length: 6232
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Dec 2021 07:47:38 GMT
server: TouchCommerce Server
date: Thu, 23 Dec 2021 16:28:12 GMT
x-azure-ref: 0naPEYQAAAABeCmMqPEtaTIt+WDIukvIzWlJIRURHRTA2MTUAY2I0ZDQzZDUtMzQyNy00MmUzLWE2MGYtZjMwYmFlZjJmZTNj
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
etag: "+JsxFn/GNIT"
accept-ranges: bytes

POST
H2 201 cJC8B Show response
onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/ Frame D06C 18 B
1 KB 14ms
14ms XHR
application/json 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/cJC8B
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/cJC8B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://onlinebanking.huntington.com
date: Thu, 23 Dec 2021 16:28:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18
vary: Origin
content-type: application/json

GET
H3 200 /
www.google.com/pagead/1p-user-list/786635084/ 42 B
64 B 96ms
49ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786635084/?random=1640276893356&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=817418506&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/786635084/ 42 B
64 B 96ms
49ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/786635084/?random=1640276893356&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=817418506&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/849063932/ 42 B
64 B 94ms
48ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849063932/?random=1640276893360&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=4289898935&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/849063932/ 42 B
64 B 98ms
52ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849063932/?random=1640276893360&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=4289898935&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/849073348/ 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849073348/?random=1640276893352&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=4206476115&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/849073348/ 42 B
64 B 51ms
50ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849073348/?random=1640276893352&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=4206476115&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: salesauto-645i.ddns.net
URL: http://salesauto-645i.ddns.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

activityi;dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2... Show response
10701487.fls.doubleclick.net/ Frame 2694
Redirect Chain

http://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F...
http://10701487.fls.doubleclick.net/activityi;dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=...

529 B
1000 B

50ms
50ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://10701487.fls.doubleclick.net/activityi;dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F?

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

Protocol

HTTP/1.1

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

99001635bff836a3981a86f9782de8397466c26891e74287661d5f24135f8991

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 23 Dec 2021 16:28:13 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 416
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 23 Dec 2021 16:28:13 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://10701487.fls.doubleclick.net/activityi;dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1

200
OK

activityi;dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%... Show response
10701487.fls.doubleclick.net/ Frame 8581
Redirect Chain

http://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=htt...
http://10701487.fls.doubleclick.net/activityi;dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;...

536 B
1004 B

50ms
50ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://10701487.fls.doubleclick.net/activityi;dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F?

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle

Protocol

HTTP/1.1

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

94aae334c431da9585dad229e26e7b94ac4a4afd0f831b03f349f0894a51e953

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 23 Dec 2021 16:28:13 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 420
X-XSS-Protection: 0

Redirect headers

P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 23 Dec 2021 16:28:13 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Follow-Only-When-Prerender-Shown: 1
Strict-Transport-Security: max-age=21600
Location: http://10701487.fls.doubleclick.net/activityi;dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/ 3 KB
1 KB 169ms
168ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1640276893633&cv=9&fst=1640276893633&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&ig=1&data=event%3Dpage_view%3Bpagenameevent%3Dolb%3A%20login%3Badobeidappid%3D%7C%3Bcitystatezip%3D%3Bcustomerstatus%3D%3Bproductsowned%3D%3Bcustid%3D%3Balerts%3D&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f36e2e5abee2dd2e576124a3e34ce7a38db2ad035b3179d2098c4ea3a9d545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1123
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bat.js Show response
bat.bing.com/
Redirect Chain

http://bat.bing.com/bat.js
https://bat.bing.com/bat.js

36 KB
10 KB

30ms
29ms

Script
application/javascript

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:12 GMT
content-encoding: gzip
last-modified: Fri, 03 Dec 2021 01:53:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5FD16766047742758BB0230DA7587B97 Ref B: FRAEDGE1408 Ref C: 2021-12-23T16:28:13Z
etag: "0cb09ee8e7d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 10468

Redirect headers

Location: https://bat.bing.com/bat.js
Non-Authoritative-Reason: HSTS

GET
H2

200

tr
www.facebook.com/
Redirect Chain

http://www.facebook.com/tr?id=5140493269326436&ev=PageView&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no
https://www.facebook.com/tr?id=5140493269326436&ev=PageView&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no

44 B
295 B

23ms
7ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=5140493269326436&ev=PageView&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 23 Dec 2021 16:28:13 GMT

Redirect headers

Location: https://www.facebook.com/tr?id=5140493269326436&ev=PageView&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no
Non-Authoritative-Reason: HSTS

GET
H2

200

tr
www.facebook.com/
Redirect Chain

http://www.facebook.com/tr?id=121543311796381&ev=ViewContent&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no&cd[geo]=
https://www.facebook.com/tr?id=121543311796381&ev=ViewContent&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no&cd[geo]=

44 B
101 B

23ms
8ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=121543311796381&ev=ViewContent&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no&cd[geo]=

Protocol

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 23 Dec 2021 16:28:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Thu, 23 Dec 2021 16:28:13 GMT

Redirect headers

Location: https://www.facebook.com/tr?id=121543311796381&ev=ViewContent&cd[content_name]=olb%3A%20login&cd[user]=&cd[customertype]=&cd[productowned]=&cd[custid]=&cd[alerts]=no&cd[geo]=
Non-Authoritative-Reason: HSTS

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
79 B 40ms
39ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&.yp=10030245&f=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&enc=UTF-8&yv=1.10.2&et=custom&ec=Visit&ea=Online%20Banking&el=olb%3A%20login&tagmgr=gtm%2Censighten

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 23 Dec 2021 16:28:13 GMT

GET
H2 204 5067672.js Show response
bat.bing.com/p/action/ 0
112 B 64ms
64ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/5067672.js
Requested by: Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ARR/3.0
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Dec 2021 16:28:12 GMT
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F93E77B97BBC49EDAE72F399AFDFD623 Ref B: FRAEDGE1408 Ref C: 2021-12-23T16:28:13Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
95 B 36ms
36ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=a700de64-b2d3-4fd4-808a-6dfa8537c682&sid=5353d5a0640d11ec97635f445ec58b00&vid=5353df50640d11ec81d103e050df2efe&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&kw=Huntington%20bank%20login,%20Huntington%20online%20banking%20login&p=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&r=&lt=3132&evt=pageLoad&msclkid=N&sv=1&rn=877845
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: CF96CF18ECE04C82AA2CC536A08F1533 Ref B: FRAEDGE1408 Ref C: 2021-12-23T16:28:13Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
95 B 32ms
32ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=a700de64-b2d3-4fd4-808a-6dfa8537c682&sid=5353d5a0640d11ec97635f445ec58b00&vid=5353df50640d11ec81d103e050df2efe&vids=0&ec=Visit&ea=Online%20Banking&el=olb:%20login&ea2=Online%20Banking&el2=olb%3A%20login&evt=custom&msclkid=N&rn=241614
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:12 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C991C389CD5A4954B54EDF3AD9F47259 Ref B: FRAEDGE1408 Ref C: 2021-12-23T16:28:13Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto... Show response
adservice.google.com/ddm/fls/i/ Frame EA9D 528 B
883 B 161ms
74ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Requested by

Host: 10701487.fls.doubleclick.net
URL: http://10701487.fls.doubleclick.net/activityi;dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

719849a884c320f3b2e93af86340887d2d996cd937822e4309910a6e85280833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://10701487.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Dec 2021 16:28:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsa... Show response
adservice.google.com/ddm/fls/i/ Frame 665C 535 B
489 B 160ms
74ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Requested by

Host: 10701487.fls.doubleclick.net
URL: http://10701487.fls.doubleclick.net/activityi;dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b18c5fe81519c1c5c1cdcf48237d254a7080617e6cfb3b1c68b24ee17baf72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://10701487.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Dec 2021 16:28:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 419
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 /
www.google.com/pagead/1p-user-list/849064376/ 42 B
64 B 50ms
49ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849064376/?random=1640276893633&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bpagenameevent%3Dolb%3A%20login%3Badobeidappid%3D%7C%3Bcitystatezip%3D%3Bcustomerstatus%3D%3Bproductsowned%3D%3Bcustid%3D%3Balerts%3D&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=1304419442&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/849064376/ 42 B
64 B 48ms
48ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/849064376/?random=1640276893633&cv=9&fst=1640275200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oac10&sendb=1&data=event%3Dpage_view%3Bpagenameevent%3Dolb%3A%20login%3Badobeidappid%3D%7C%3Bcitystatezip%3D%3Bcustomerstatus%3D%3Bproductsowned%3D%3Bcustid%3D%3Balerts%3D&frm=0&url=http%3A%2F%2Fsalesauto-645i.ddns.net%2F&tiba=Huntington%20Online%20Banking%20Login%20%7C%20Huntington&async=1&fmt=3&is_vtc=1&random=1304419442&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://salesauto-645i.ddns.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Dec 2021 16:28:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 cJC8B Show response
onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/ Frame D06C 18 B
1 KB 15ms
15ms XHR
application/json 95.100.153.98
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/cJC8B
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/HF8VOE/sBE6NS/Sfyayq/Vbur/4B/Di3u0VGtD7Q3/MngDAQ/A31AMld/cJC8B
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.153.98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-153-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://onlinebanking.huntington.com
date: Thu, 23 Dec 2021 16:28:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 18
vary: Origin
content-type: application/json

GET
H2 200 dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto... Show response
adservice.google.de/ddm/fls/i/ Frame A5D2 194 B
242 B 163ms
75ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL3u08yr-vQCFWJCHQkdpAAGGw;src=10701487;type=global;cat=allpv;ord=9288035993164;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Dec 2021 16:28:14 GMT
expires: Thu, 23 Dec 2021 16:28:14 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsa... Show response
adservice.google.de/ddm/fls/i/ Frame 1CB9 194 B
870 B 162ms
75ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJ2D1Myr-vQCFY8WGwodJo8H9A;src=10701487;type=global;cat=uvisit;ord=1;num=8088518277896;gtm=2odc10;auiddc=551407108.1640276893;u1=olb%3A%20login;u4=;u8=;u9=;u10=;u11=%7C;~oref=http%3A%2F%2Fsalesauto-645i.ddns.net%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 23 Dec 2021 16:28:14 GMT
expires: Thu, 23 Dec 2021 16:28:14 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 404
Not Found rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
salesauto-645i.ddns.net/ 315 B
515 B 91ms
91ms XHR
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?app=e901f9adc46e5a00;crc=3924045560;end=1
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: http://salesauto-645i.ddns.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 23 Dec 2021 16:28:14 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

POST
H/1.1 404
Not Found rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
salesauto-645i.ddns.net/ 315 B
515 B 181ms
180ms XHR
text/html 13.68.189.91
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://salesauto-645i.ddns.net/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?app=e901f9adc46e5a00;crc=71442176;end=1
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com//rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js
Protocol: HTTP/1.1
Server: 13.68.189.91 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: http://salesauto-645i.ddns.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 23 Dec 2021 16:28:16 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=94
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.huntington.com
URL: https://www.huntington.com/generic?sc_site=ROL

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.salesauto-645i.ddns.net/	1969-12-31 23:59:59	Name: dtCookie Value: -68$TUJ8E7O73K2TSNKJVMN6MO7MGLPOARPO
.salesauto-645i.ddns.net/	1970-01-20 17:09:08	Name: rxVisitor Value: 1640276891806ABSMLVVST8DJA6JU5BJUMDRCM396SGHL
.salesauto-645i.ddns.net/	1969-12-31 23:59:59	Name: dtSa Value: -
.salesauto-645i.ddns.net/	1969-12-31 23:59:59	Name: dtLatC Value: 50
.bing.com/	1970-01-20 08:59:32	Name: MUID Value: 2C9E3237431D6E2825C8232142766F34
.yahoo.com/	1970-01-20 08:23:54	Name: A3 Value: d=AQABBJyjxGECEHhJ8_--nr6EC-o5WaAG4P8FEgEBAQH1xWHOYQAAAAAA_eMAAA&S=AQAAAtHTPYLTAMMho2EjkL2CVi0
.salesauto-645i.ddns.net/	1970-01-20 08:23:32	Name: rkglsid Value: h-4f6dcbf486e9ed63735afa3917de81f1_t-1640276893
salesauto-645i.ddns.net/	1970-01-20 01:47:32	Name: 65343 Value:
.salesauto-645i.ddns.net/	1970-01-20 01:47:32	Name: _gcl_au Value: 1.1.551407108.1640276893
.doubleclick.net/	1970-01-20 08:59:32	Name: IDE Value: AHWqTUmP6tvKZUnM5lLvOQg8hfw5gvawj19aTsENE1j-ly5Kcf0z0LvYj-5CANKR
.salesauto-645i.ddns.net/	1969-12-31 23:59:59	Name: rxvt Value: 1640278693602\|1640276891807
.salesauto-645i.ddns.net/	1969-12-31 23:59:59	Name: dtPC Value: -68$476891803_252h-vMAFSAPKWPFGFCDRKLAVTMUIUPUPKCKMF-0e0
.salesauto-645i.ddns.net/	1970-01-19 23:39:23	Name: _uetsid Value: 5353d5a0640d11ec97635f445ec58b00
.salesauto-645i.ddns.net/	1970-01-20 08:59:32	Name: _uetvid Value: 5353df50640d11ec81d103e050df2efe

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://salesauto-645i.ddns.net/rol/Styles/Structure/960/reset.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=UJBIZYk7tZcvj4IFYmffqt09OUlhISSdhcduBbwyVnp-a6akR3trXAKcmbO7w4DRjTrT_SxsUCD4Nl0vuWb81_Jv1SQ1&t=637352834110221559 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=KAutdTcH6alKTOWlncDH0iHQ__xOFzNke7aCWGDC2l63YcVuZ-gbUvFHEqH8q7F3WBGprILGYm-bugzBljgzMFykfYE1&t=637352834110221559 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://salesauto-645i.ddns.net/rol/Styles/Structure/960/reset.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=KAutdTcH6alKTOWlncDH0iHQ__xOFzNke7aCWGDC2l63YcVuZ-gbUvFHEqH8q7F3WBGprILGYm-bugzBljgzMFykfYE1&t=637352834110221559 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://salesauto-645i.ddns.net/rol/WebResource.axd?d=UJBIZYk7tZcvj4IFYmffqt09OUlhISSdhcduBbwyVnp-a6akR3trXAKcmbO7w4DRjTrT_SxsUCD4Nl0vuWb81_Jv1SQ1&t=637352834110221559 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://salesauto-645i.ddns.net/rol/Images/hexlogo-footer-icon.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	error	URL: https://huntington-bank.demdex.net/dest5.html?d_nsid=0(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://onlinebanking.huntington.com') does not match the recipient window's origin ('http://salesauto-645i.ddns.net').
javascript	error	URL: http://salesauto-645i.ddns.net/ Message: Access to XMLHttpRequest at 'https://www.huntington.com/generic?sc_site=ROL' from origin 'http://salesauto-645i.ddns.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/generic?sc_site=ROL Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle(Line 39) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle(Line 39) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle(Line 39) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487&l=dataLayerGoogle(Line 39) Message: Unrecognized feature: 'conversion-measurement'.
network	error	URL: http://salesauto-645i.ddns.net/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?app=e901f9adc46e5a00;crc=3924045560;end=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://salesauto-645i.ddns.net/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?app=e901f9adc46e5a00;crc=71442176;end=1 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10701487.fls.doubleclick.net
adservice.google.com
adservice.google.de
bat.bing.com
ensighten.huntingtonbank.com
googleads.g.doubleclick.net
huntington-bank.demdex.net
huntingtonbank.inq.com
insight.adsrvr.org
media-lax1.inq.com
media-us1.digital.nuance.com
metrics.huntington.com
onlinebanking.huntington.com
s.yimg.com
salesauto-645i.ddns.net
sp.analytics.yahoo.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.huntington.com
www.huntington.com
13.68.189.91
142.250.186.134
142.250.186.66
15.188.95.229
15.197.193.217
212.82.100.181
2620:1ec:27::cafe:1644
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a03:2880:f11c:8083:face:b00c:0:25de
3.124.173.63
35.186.193.174
52.189.67.17
54.73.127.110
95.100.153.98
00d91c71c02b87f76f1f399616544a82021813f59f257b85679ec97d9282196b
017cdaac86d3555f5f1b11148921f2b3917804949d3a4e0a50f506b2e324448f
033089e6e3983bbf4dfbf896d0456a378e2482fa2899f6fb81a5af9dbb6d43d6
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0899c23b030315a24373f8a4506dd4f5e6524597d1b03c0f2eb3349b2860dab2
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
147217678b7522d6ddbdadbc6b179afcc97262381b375b8cb4bd499f143fdd81
14b3eae5b73c8a952f11d4e096dd0e5b9295d8fd141ded5efc06d4e1eff9f892
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5
1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8
22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e
2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc
3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd
408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45
4108fc5eb175e92fecb4d46280cc412d740ea217739526db25b131bfe9e2428d
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
44b18c5fe81519c1c5c1cdcf48237d254a7080617e6cfb3b1c68b24ee17baf72
47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496
4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b
4f9023208f03b3566fc5f9796d8a867c51d87ac37dddc44170d197a653bddf47
51ddee29640557189728fd7b39f3d757fc0d632c3be332519a8ed91d584d9c0e
55bf2c5c7e54452e082c3f3c8a114b39e17c1c6d1489c7fb363e1015eefeeeeb
5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991
70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012
719849a884c320f3b2e93af86340887d2d996cd937822e4309910a6e85280833
759d6f0c1292d86d24d7abe7ad9a2cd1d86df0041260f98186ccfa26c7daab62
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
798849a1b24f1c622ac52837cf349a5e984ca84addf240523f92a236c59c6d8d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806
81916266a4d7a0d18c5062ce67c61895fda84a0d2ac11eb060dd461f8394c034
88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a
895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36
8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf
9372f642dba322df13d71e7cc18df7261a05ff66912353347a5a69c1d41d1fe1
93e5e5ea6830e1b5ca177029fd11e531d670629b9453eb329b901f72089aba79
94aae334c431da9585dad229e26e7b94ac4a4afd0f831b03f349f0894a51e953
98b51de82ae6a8150a94348c538b496fbe9ec1435b66997cb9576bc17fad6785
99001635bff836a3981a86f9782de8397466c26891e74287661d5f24135f8991
9dc9532adafcd34a6b8b5b492803900a3049750d8127223019a6714d19b35b07
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19
bb2fe0bac025d6527fceeec3133c1378d9d8fbab88c7ea904f81dae622dbc578
bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e
bf4f4acbd47a613cf6c5df826fc51221c89919047cbaf8fb3c0387b22d6032f9
d1dabab554f935eef34a9043f4492e910aa71da568928d98b267571230505142
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
dcc30a5e69695c205365e27ad0f09f75d36f0350a8e016354c36b95e07a05ae6
dfed159907574337d5a3198b898e17e6f0d6c5c325d8ee2fd2343b7cddb34994
dff8b6de95a71678a3bb59eafabcdb7b9b1afa7f3c1e3f3959adb854b3fb8398
e1f36e2e5abee2dd2e576124a3e34ce7a38db2ad035b3179d2098c4ea3a9d545
e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328
e3658adb06f6e53e6d979841f2260357cd9c1bffb7c6b89e2ca60a757a9904ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

salesauto-645i.ddns.net Open in urlscan Pro 13.68.189.91 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

65 %HTTPS

48 %IPv6

16 Domains

22 Subdomains

22 IPs

5 Countries

1084 kBTransfer

1658 kBSize

14 Cookies

7 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

salesauto-645i.ddns.net Open in urlscan Pro
13.68.189.91 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

65 %
HTTPS

48 %
IPv6

16
Domains

22
Subdomains

22
IPs

5
Countries

1084 kB
Transfer

1658 kB
Size

14
Cookies

104 HTTP transactions
0 data transactions