Submitted URL: http://dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Effective URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Submission: On January 12 via manual from US — Scanned from DE

Summary

This website contacted 25 IPs in 4 countries across 20 domains to perform 92 HTTP transactions. The main IP is 206.119.74.57, located in United States and belongs to FD-298-8796, US. The main domain is www.dadahj.com.
This is the only time www.dadahj.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 20 206.119.74.57 8796 (FD-298-8796)
16 23.36.163.233 20940 (AKAMAI-ASN1)
8 3.124.119.57 16509 (AMAZON-02)
1 52.189.67.17 8075 (MICROSOFT...)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
1 7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:206... 16509 (AMAZON-02)
3 3 2620:1ec:22::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 65.9.65.116 16509 (AMAZON-02)
2 4 142.250.185.102 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 212.82.100.181 34010 (YAHOO-IRD)
1 2620:1ec:4a::27 8075 (MICROSOFT...)
1 2a03:2880:f11... 32934 (FACEBOOK)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 15.197.193.217 16509 (AMAZON-02)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 44.196.97.191 14618 (AMAZON-AES)
1 2 34.224.217.250 14618 (AMAZON-AES)
92 25
Apex Domain
Subdomains
Transfer
20 dadahj.com
dadahj.com
www.dadahj.com
141 KB
16 huntington.com
www.huntington.com — Cisco Umbrella Rank: 61606
449 KB
9 doubleclick.net
10701487.fls.doubleclick.net — Cisco Umbrella Rank: 118777
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
8 KB
8 huntingtonbank.com
ensighten.huntingtonbank.com — Cisco Umbrella Rank: 93536
108 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 5880
adservice.google.de — Cisco Umbrella Rank: 8253
2 KB
7 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 74
2 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
335 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 358
www.linkedin.com — Cisco Umbrella Rank: 570
px4.ads.linkedin.com — Cisco Umbrella Rank: 6226
3 KB
4 bing.com
bat.bing.com — Cisco Umbrella Rank: 362
12 KB
4 clinch.co
cdn.clinch.co — Cisco Umbrella Rank: 5096
trk.clinch.co — Cisco Umbrella Rank: 3955
6 KB
2 doubleclicks.biz
plugins.doubleclicks.biz — Cisco Umbrella Rank: 273572
2 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1203
880 B
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1388
insight.adsrvr.org — Cisco Umbrella Rank: 632
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 150
136 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 485
7 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 nuance.com
media-us1.digital.nuance.com — Cisco Umbrella Rank: 7100
7 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 810
370 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 682
5 KB
1 inq.com
huntingtonbank.inq.com — Cisco Umbrella Rank: 91152
2 KB
92 20
Domain Requested by
19 www.dadahj.com www.dadahj.com
media-us1.digital.nuance.com
16 www.huntington.com www.dadahj.com
www.huntington.com
8 ensighten.huntingtonbank.com www.dadahj.com
ensighten.huntingtonbank.com
7 www.googletagmanager.com 1 redirects www.dadahj.com
5 www.google.de www.dadahj.com
5 www.google.com www.dadahj.com
5 googleads.g.doubleclick.net www.googletagmanager.com
4 10701487.fls.doubleclick.net 2 redirects www.googletagmanager.com
4 bat.bing.com www.dadahj.com
bat.bing.com
3 trk.clinch.co 2 redirects cdn.clinch.co
2 plugins.doubleclicks.biz www.dadahj.com
2 adservice.google.de adservice.google.com
2 adservice.google.com 10701487.fls.doubleclick.net
2 sp.analytics.yahoo.com www.dadahj.com
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net ensighten.huntingtonbank.com
connect.facebook.net
2 s.yimg.com ensighten.huntingtonbank.com
s.yimg.com
1 insight.adsrvr.org js.adsrvr.org
1 www.facebook.com www.dadahj.com
1 media-us1.digital.nuance.com huntingtonbank.inq.com
1 js.adsrvr.org ensighten.huntingtonbank.com
1 px4.ads.linkedin.com www.dadahj.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 snap.licdn.com ensighten.huntingtonbank.com
1 cdn.clinch.co ensighten.huntingtonbank.com
1 huntingtonbank.inq.com www.huntington.com
1 dadahj.com 1 redirects
92 28
Subject | Issuer | Validity | Valid
huntington.com | DigiCert SHA2 Extended Validation Server CA | 2022-05-10 - 2023-05-12 | a year
ensighten.huntingtonbank.com | Entrust Certification Authority - L1K | 2022-05-24 - 2023-06-23 | a year
*.inq.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2022-09-14 - 2023-10-12 | a year
*.clinch.co | DigiCert TLS RSA SHA256 2020 CA1 | 2022-07-25 - 2023-07-27 | a year
*.fantasysports.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2022-12-14 - 2023-02-01 | 2 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2022-10-21 - 2023-01-19 | 3 months
linkedin.oribi.io | Amazon | 2022-07-07 - 2023-08-06 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2022-03-31 - 2023-05-02 | a year
www.bing.com | Microsoft RSA TLS CA 02 | 2022-11-25 - 2023-05-25 | 6 months
*.doubleclick.net | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
real.sp.analytics.yahoo.com | DigiCert SHA2 High Assurance Server CA | 2023-01-03 - 2023-06-28 | 6 months
*.digital.nuance.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2022-09-14 - 2023-10-12 | a year
www.google.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
www.google.de | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
*.google.com | GTS CA 1C3 | 2022-12-12 - 2023-03-06 | 3 months
*.google.de | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
*.doubleclicks.biz | GTS CA 1P5 | 2022-12-20 - 2023-03-20 | 3 months

This page contains 10 frames:

Primary Page: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Frame ID: E59531B9C8159D7A8B9BFB8321005FF9
Requests: 71 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Frame ID: B21071850974B8401BEA7DB9BB623B87
Requests: 1 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Frame ID: 66ED317B7C53559D2E0374826D96B509
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Frame ID: 87F9A1BB3A0DC1CD6FFD86BA1059BEA1
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Frame ID: D85E0B670B075582725A6FFFA857AB5F
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Frame ID: A5E7A4899B97FBA6D4A30B4E5C37F9DF
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Frame ID: E87714FD8C7FD965615123E7F37488AF
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=l6jmegy&ref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1673529588271
Frame ID: 2137068269D017C760EC4704C761F4E9
Requests: 1 HTTP requests in this frame

Frame: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Frame ID: 8F60B9DA4070D8F99028993737592642
Requests: 13 HTTP requests in this frame

Frame: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&version=3.4&a=1673529591271&try2=true
Frame ID: A39A39715F634178C3B31CB5EA95EAD9
Requests: 1 HTTP requests in this frame

Page Title

Mobile Banking Login | Huntington Bank; Chat with a banker; Close Flag; Search; Visit Huntington's Facebook page; Visit Huntington's Twitter feed; Visit Huntington's Instagram page; Visit Huntington's YouTube page; Visit Huntington's LinkedIn page

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 92
HTTPS: 62 %
IPv6: 59 %
Domains: 20
Subdomains: 28
IPs: 25
Countries: 4
Transfer: 1222 kB
Size: 3824 kB
Cookies: 22

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0 HTTP 301
    http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • http://bat.bing.com/bat.js HTTP 307
  • https://bat.bing.com/bat.js
Request Chain 30
  • http://www.googletagmanager.com/gtag/js?id=DC-10701487 HTTP 302
  • https://www.googletagmanager.com/gtag/js?id=DC-10701487
Request Chain 39
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1673529588265%26url%3Dhttp%253A%252F%252Fwww.dadahj.com%252Fwp-content%252Fplugins%252Fdownload-plugin%252Fhunt%252F%253Fuser-agent%253DMozilla%252F5.0%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&liSync=true&e_ipv6=AQJ25goVOtThTQAAAYWmIvyqGp-uds0kcSevodJVy04oELE2hK3h4X4eDs53wGNrSm-3p4FmxWnh1rYQXHLgLuORk3az
Request Chain 46
  • https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0 HTTP 302
  • https://10701487.fls.doubleclick.net/activityi;dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Request Chain 47
  • http://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
Request Chain 48
  • https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0 HTTP 302
  • https://10701487.fls.doubleclick.net/activityi;dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Request Chain 49
  • http://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Request Chain 50
  • http://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Request Chain 51
  • http://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Request Chain 52
  • http://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP 307
  • https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Request Chain 90
  • http://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&version=3.4&a=1673529591271 HTTP 301
  • https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&version=3.4&a=1673529591271 HTTP 302
  • https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&version=3.4&a=1673529591271&try2=true

92 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.dadahj.com/wp-content/plugins/download-plugin/hunt/
Redirect Chain
  • http://dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
  • http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
146 KB
31 KB
Document
General
Full URL
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
459ff3482203f02f2025f958ef0974b47c51a071818c8e9b87fcaacc43548dfd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Jan 2023 13:19:46 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Thu, 12 Jan 2023 13:19:45 GMT
Location
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Server
nginx
ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js
www.dadahj.com/
0
0
Script
General
Full URL
http://www.dadahj.com/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
548
Content-Type
text/html
HuntingtonApexWeb-Medium.woff2
www.dadahj.com/Presentation/fonts/
0
0
Font
General
Full URL
http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://www.dadahj.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
HuntingtonApexWeb-Bold.woff2
www.dadahj.com/Presentation/fonts/
0
0
Font
General
Full URL
http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://www.dadahj.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
HuntingtonApexWeb-Book.woff2
www.dadahj.com/Presentation/fonts/
0
0
Font
General
Full URL
http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://www.dadahj.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
HuntingtonApexWeb-MediumCaps.woff2
www.dadahj.com/Presentation/fonts/
0
0
Font
General
Full URL
http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://www.dadahj.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
toolkit.min.css
www.huntington.com/Presentation/Styles/
380 KB
76 KB
Stylesheet
General
Full URL
https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c46a8d4e2078a8df49705adbe4a198d19650bb5091e8fb78b8a60254746b97f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:47 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="-214167458"
content-length
77573
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:34 GMT
etag
"0715748f3fdd81:0"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2545113
accept-ranges
bytes
expires
Sat, 11 Feb 2023 00:18:20 GMT
jquery-3.4.1.min.js
www.dadahj.com/Presentation/Scripts/
0
0
Script
General
Full URL
http://www.dadahj.com/Presentation/Scripts/jquery-3.4.1.min.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:47 GMT
Server
nginx
Connection
keep-alive
Content-Length
548
Content-Type
text/html
toolkit.min.js
www.huntington.com/Presentation/Scripts/
624 KB
194 KB
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/toolkit.min.js?v=ySJ443_CyvIfunUVB6h9T6EvB_xShtzhk_sveeOBkpw1
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c55f48197a344500d2c2d32cf0d5535640ab97de8fb37a24ac3c8b8034f4fa8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:47 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="544376914"
content-length
197684
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:34 GMT
etag
"0715748f3fdd81:0"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2550584
accept-ranges
bytes
expires
Sat, 11 Feb 2023 01:49:31 GMT
Bootstrap.js
ensighten.huntingtonbank.com/huntington/com/
227 KB
68 KB
Script
General
Full URL
https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ed714045f032d532a1b487d27bb65e3211ffaf762eab060c036eeeaddc239575

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:47 GMT
x-amz-version-id
V.cNEnwifs62cdv5ByWLsKcCB2aap3KG
content-encoding
br
via
1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
6869617
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 25 Oct 2022 01:03:34 GMT
server
nginx
etag
W/"a8be19592d40f71ad76b452dbe4ead56"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
XTKO3PI_xHH7FiL9QRkCy5N-8WSL8dR7315eNxKAC8ZEKsFBcBI72g==
lockup.svg
www.huntington.com/-/media/hcom/global/logo/
4 KB
2 KB
Image
General
Full URL
https://www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=766dc37b392f4c84b0403129acfec075&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38c973e72b29d0c5f054034abecb6f92d1f30fac5aeeb5d0300de1cce156ade3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:47 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-disposition
inline; filename="lockup.svg"
server-timing
dtSInfo;desc="0", dtRpid;desc="-1175189602"
content-length
1578
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Jul 2020 14:26:49 GMT
etag
25ac81b1cb8b4557ac63e0186de9a92b
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2545117
accept-ranges
bytes
link
<https://www.huntington.com/4rBJ/NkpR/Z/5Q/SoSYVBQ/ui1irLQJYtiO/DFcpSVE/VlATNkk/2cUw>; rel=preload; as=script
expires
Sat, 11 Feb 2023 00:18:24 GMT
chat-fab.js
www.huntington.com/Presentation/Scripts/
19 KB
7 KB
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:46 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="-1135399209"
content-length
7010
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Nov 2022 18:53:12 GMT
etag
"09cbc8223f9d81:0"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=819456
accept-ranges
bytes
expires
Sun, 22 Jan 2023 00:57:22 GMT
EHL_Black_HouseOnly.svg
www.huntington.com/-/media/hcom/Icons/
764 B
1 KB
Image
General
Full URL
https://www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=adb05b2fdc29408687ad78c90fe98c53
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
date
Thu, 12 Jan 2023 13:19:47 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-disposition
inline; filename="EHL_Black_HouseOnly.svg"
server-timing
dtSInfo;desc="0", dtRpid;desc="-907862035"
content-length
764
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Mar 2022 19:24:24 GMT
etag
57637a2d5858427aba58213dfd85741c
x-frame-options
sameorigin
content-type
image/svg+xml
cache-control
public, max-age=2545058
accept-ranges
bytes
link
<https://www.huntington.com/4rBJ/NkpR/Z/5Q/SoSYVBQ/ui1irLQJYtiO/DFcpSVE/VlATNkk/2cUw>; rel=preload; as=script
expires
Sat, 11 Feb 2023 00:17:25 GMT
logo-honeycomb.svg
www.huntington.com/-/media/hcom/global/logo/
862 B
1 KB
Image
General
Full URL
https://www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fab5a7680cedf011da8f0363b4a4d58a7adbdaae881af4034ae00f0f7231e792
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:46 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-disposition
inline; filename="logo-honeycomb.svg"
server-timing
dtRpid;desc="938876142"
content-length
449
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 11 Dec 2017 15:39:44 GMT
etag
2d91d2b82c4a40438297b714b6e7ceb5
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=755934
accept-ranges
bytes
link
<https://www.huntington.com/4rBJ/NkpR/Z/5Q/SoSYVBQ/ui1irLQJYtiO/DFcpSVE/VlATNkk/2cUw>; rel=preload; as=script
expires
Sat, 21 Jan 2023 07:18:40 GMT
outdated.min.js
www.huntington.com/Presentation/Scripts/
156 B
612 B
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/outdated.min.js?v=RmlOPDCQOSV3rfW426Gn9DkP3Y-l9DmWwRQ876yWYNU1
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3451a516a1e8e891abf18710cd5e5614e5db4ee707113f4564f6f57dbbc4c060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:47 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="-1642755359"
content-length
136
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:34 GMT
etag
"0715748f3fdd81:0"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=2545107
accept-ranges
bytes
expires
Sat, 11 Feb 2023 00:18:14 GMT
site-survey.min.js
www.huntington.com/Presentation/Scripts/
7 KB
3 KB
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:46 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="988429277"
content-length
3053
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:34 GMT
etag
"0715748f3fdd81:0"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=820683
accept-ranges
bytes
expires
Sun, 22 Jan 2023 01:17:49 GMT
b591cbd01221607a1bf7e89412ef77
www.dadahj.com/resources/
0
0
Script
General
Full URL
http://www.dadahj.com/resources/b591cbd01221607a1bf7e89412ef77
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:47 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Link
<http://www.dadahj.com/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
2cUw
www.huntington.com/4rBJ/NkpR/Z/5Q/SoSYVBQ/ui1irLQJYtiO/DFcpSVE/VlATNkk/
191 KB
75 KB
Script
General
Full URL
https://www.huntington.com/4rBJ/NkpR/Z/5Q/SoSYVBQ/ui1irLQJYtiO/DFcpSVE/VlATNkk/2cUw
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1faeb4d3c1d1e405e2c13ef46b7a5af4529dc10c5d28fcaf19b8396a9fe7873d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:47 GMT
content-encoding
gzip
last-modified
Mon, 05 Dec 2022 18:21:47 GMT
etag
"e2e9f08a8a39054b0812211f94b53d1e260799a140be02525091e6bd0c34c27d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=21600
link
<https://www.huntington.com/4rBJ/NkpR/Z/5Q/SoSYVBQ/ui1irLQJYtiO/DFcpSVE/VlATNkk/2cUw>; rel=preload; as=script
content-length
75490
expires
Wed, 08 Feb 2023 10:15:50 GMT
muli-v11-latin-600.woff2
www.huntington.com/Presentation/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.huntington.com/Presentation/fonts/muli-v11-latin-600.woff2
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
date
Thu, 12 Jan 2023 13:19:47 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="1164178750", dtTao;desc="1"
content-length
17080
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:33 GMT
etag
"0715748f3fdd81:0:dtagent10249220905100923HoHr"
x-frame-options
sameorigin
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=790886
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Jan 2023 17:01:13 GMT
muli-v11-latin-700.woff2
www.huntington.com/Presentation/fonts/
17 KB
17 KB
Font
General
Full URL
https://www.huntington.com/Presentation/fonts/muli-v11-latin-700.woff2
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
date
Thu, 12 Jan 2023 13:19:47 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="995141638", dtTao;desc="1"
content-length
17128
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:33 GMT
etag
"0715748f3fdd81:0:dtagent10249220905100923HoHr"
x-frame-options
sameorigin
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=1351594
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Jan 2023 04:46:21 GMT
muli-v11-latin-300.woff2
www.huntington.com/Presentation/fonts/
16 KB
17 KB
Font
General
Full URL
https://www.huntington.com/Presentation/fonts/muli-v11-latin-300.woff2
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
date
Thu, 12 Jan 2023 13:19:47 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="-1784652640"
content-length
16872
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:33 GMT
etag
"0715748f3fdd81:0:dtagent10249220905100923HoHr"
x-frame-options
sameorigin
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=2104131
accept-ranges
bytes
expires
Sun, 05 Feb 2023 21:48:38 GMT
HuntingtonApexWeb-Medium.woff2
www.huntington.com/Presentation/fonts/
20 KB
20 KB
Font
General
Full URL
https://www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=XGV8gv3n7XNBmr31MgBiQI5yqIg1KiyVKaPu0YFcOw41
Origin
http://www.dadahj.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
date
Thu, 12 Jan 2023 13:19:47 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="1316178220", dtTao;desc="1"
content-length
19976
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 19 Oct 2022 19:41:05 GMT
etag
"0f59ebaf2e3d81:0:dtagent10243220606153550xoQJ"
x-frame-options
sameorigin
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=797247
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Jan 2023 18:47:14 GMT
inqChatLaunch10006663.js
huntingtonbank.inq.com/chatskins/launch/
5 KB
2 KB
Script
General
Full URL
https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Nuance Server /
Resource Hash
fe4478266750fa112bc0cf4a639a5f6a8884d5baeef3df354c67bd7141634213
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
strict-transport-security
max-age=31536000;includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 15 Dec 2022 06:26:06 GMT
server
Nuance Server
content-encoding
gzip
etag
W/"5098-1671085566555"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
x-xss-protection
1; mode=block
site-survey.min.css
www.huntington.com/Presentation/Styles/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:48 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
1249
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Nov 2022 21:50:34 GMT
etag
"0715748f3fdd81:0"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=865066
accept-ranges
bytes
expires
Sun, 22 Jan 2023 13:37:34 GMT
serverComponent.php
ensighten.huntingtonbank.com/huntington/com/
317 B
743 B
Script
General
Full URL
http://ensighten.huntingtonbank.com/huntington/com/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Tue%20Oct%2025%2001:03:31%20GMT%202022&ClientID=1035&PageID=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Requested by
Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
108160c11d9dbfe5f0639c6e1a857bdadffbd4ad6d4b9b56e5052d49fcc47d97

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:48 GMT
Via
1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
Content-Encoding
gzip
Server
nginx
X-Amz-Cf-Pop
FRA60-P4
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
hJOmE1px7KUky_uLaBWmZMK9n1utR5IhG7wyW2YG0jBLu0YAQX-l7g==
Expires
Thu, 12 Jan 2023 13:19:47 GMT
oo_engine.min.js
www.huntington.com/Presentation/Scripts/
45 KB
15 KB
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:48 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtSInfo;desc="0", dtRpid;desc="129805509"
content-length
14478
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Nov 2022 18:53:12 GMT
etag
"09cbc8223f9d81:0"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=850443
accept-ranges
bytes
expires
Sun, 22 Jan 2023 09:33:51 GMT
oo_icon_retina_black.gif
www.huntington.com/Presentation/onlineopinionV5/
217 B
434 B
Image
General
Full URL
https://www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.233 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-233.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
last-modified
Thu, 08 Dec 2022 14:19:28 GMT
x-serial
430
server
Akamai Image Manager
x-check-cacheable
YES
etag
"0715748f3fdd81:0"
content-type
image/png
cache-control
private, no-transform, max-age=306825
content-length
217
expires
Mon, 16 Jan 2023 02:33:33 GMT
e4e4515980f369e0500408adfa565653.js
ensighten.huntingtonbank.com/huntington/com/code/
141 KB
37 KB
Script
General
Full URL
http://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
Requested by
Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:48 GMT
x-amz-version-id
_Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
Content-Encoding
gzip
Via
1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
Age
651587
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Last-Modified
Tue, 25 Oct 2022 01:03:34 GMT
Server
nginx
ETag
W/"5828bc2a2ceaa2961527eedaf4167b77"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
X-Amz-Cf-Id
OiGbwMqng-rexQsE8sLi0SPTq6xadCgPDzsxEwaGD1G1EjJ7m8F1yA==
script.min.js
cdn.clinch.co/a_js/client_pixels/clq/
14 KB
5 KB
Script
General
Full URL
https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Requested by
Host: ensighten.huntingtonbank.com
URL: http://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:18::1724:a294 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Unused62
8096267
Date
Thu, 12 Jan 2023 13:19:48 GMT
Content-Encoding
gzip
x-amz-request-id
KHJM7AYYGE4RVM1M
x-amz-server-side-encryption
AES256
Connection
keep-alive
Content-Length
4567
x-amz-id-2
jKj/v6q0LZyKbImMU3NtrqNSfjwgiJdDHt/gzBrSCxm3r0dE7CBAp0R36WDnYgNoyTA6kzIrpvg=
Last-Modified
Tue, 11 Jan 2022 12:52:46 GMT
Server
AmazonS3
ETag
"666e09028e21421106f9ecd0ceb1ddac"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,HEAD,OPTIONS
Cache-Control
max-age=27908396
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Expires
Fri, 01 Dec 2023 13:39:44 GMT
bat.js
bat.bing.com/
Redirect Chain
  • http://bat.bing.com/bat.js
  • https://bat.bing.com/bat.js
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Thu, 12 Jan 2023 13:19:47 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: D6DAB1426D1A4359BC2E142DFB468BBC Ref B: DUS30EDGE0316 Ref C: 2023-01-12T13:19:48Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460

Redirect headers

Location
https://bat.bing.com/bat.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ytc.js
s.yimg.com/wi/
16 KB
6 KB
Script
General
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: ensighten.huntingtonbank.com
URL: http://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:46 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
RRSS1VFFFQCW7YAX
age
3
x-amz-server-side-encryption
AES256
x-amz-id-2
nhHgOm0n8B9ZPx3rYpD7fNZGOSqiPFuiZAWv6KH+Ei3MSmiY/Lod1+0O2SO/vr6I58uHTDaMwxE=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=DC-10701487
  • https://www.googletagmanager.com/gtag/js?id=DC-10701487
112 KB
44 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-10701487
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
18ff3ccb5fd9c48d25129e9cdf5dc4211f58152574fa12cb5f739026c2b2ac42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44744
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 13:19:48 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=DC-10701487
Date
Thu, 12 Jan 2023 13:19:48 GMT
Cross-Origin-Resource-Policy
cross-origin
Server
Google Tag Manager
Content-Length
252
X-XSS-Protection
0
Content-Type
text/html; charset=UTF-8
e.gif
ensighten.huntingtonbank.com/error/
0
380 B
Image
General
Full URL
http://ensighten.huntingtonbank.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1035&client=huntington&publishPath=com&rid=3377322&did=527462&errorName=ReferenceError
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:48 GMT
Via
1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA60-P4
Age
46503
X-Cache
Hit from cloudfront
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
sg3h-Njdu2pRq4lx7hwluceN1XukkvbI-hfS5rnmtEGDrMMEoND9tg==
e.gif
ensighten.huntingtonbank.com/error/
0
380 B
Image
General
Full URL
http://ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=-1&fn=&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:48 GMT
Via
1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA60-P4
Age
46503
X-Cache
Hit from cloudfront
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
-sDBqa29PdOj5Pg9wlFAwPJcfaXnI_Gt0AsMb-k2vASMu4Ym2Rgjmw==
e.gif
ensighten.huntingtonbank.com/error/
0
380 B
Image
General
Full URL
http://ensighten.huntingtonbank.com/error/e.gif?msg=%24%20is%20not%20defined&lnn=-1&fn=&cid=1035&client=huntington&publishPath=com&rid=3605489&did=324003&errorName=ReferenceError
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:48 GMT
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA60-P4
Age
46503
X-Cache
Hit from cloudfront
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
w5aW8qY1sHvc9e-_3a5HsMQa59NNLwIV_HIUKdXpBYdpjnwUNXDxQA==
e.gif
ensighten.huntingtonbank.com/error/
0
380 B
Image
General
Full URL
http://ensighten.huntingtonbank.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20cat%2C%20ID%3A13458.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:48 GMT
Via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA60-P4
Age
46503
X-Cache
Hit from cloudfront
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
42gC6W6EXaBuYZ_Dl3WoyPPWj9dfh-EDRl7NoGeCDR5RSLlr5u9ErQ==
e.gif
ensighten.huntingtonbank.com/error/
0
380 B
Image
General
Full URL
http://ensighten.huntingtonbank.com/error/e.gif?msg=%22ReferenceError%3A%20%24%20is%20not%20defined%22%20error%20caught%20in%20Data%20Definition%20extractor%3A%20COM%20-%20Floodlight%20-%20type%2C%20ID%3A13460.&lnn=-1&fn=&cid=1035&client=huntington&publishPath=com&rid=3377286&did=632104&errorName=DataDefinitionException
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:48 GMT
Via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA60-P4
Age
46503
X-Cache
Hit from cloudfront
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
X-Amz-Cf-Id
4MkLZ2ud8J_G5CXal3ZDuP9xQu49wI2xuqJ__VVslEM9S2e6XAzpMA==
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
http://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol
HTTP/1.1
Server
2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
322
Date
Thu, 12 Jan 2023 13:19:48 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 17:22:56 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=26657
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4777
fbevents.js
connect.facebook.net/en_US/
105 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cba8862bc0eeff77ab390c0669021b95055e809f226aa0e7dc438d79e3ad399f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 12 Jan 2023 13:19:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27613
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sUvxEGZgMFIc95RDQJZoBGcxEVl8/29IUYZIP/mIwNCah6XDlbXb7Gl8cO83m/PsG+W2A/OqYqjQ4wldQ4HMiQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/291554/domain/dadahj.com/
36 B
370 B
XHR
General
Full URL
https://cdn.linkedin.oribi.io/partner/291554/domain/dadahj.com/token
Requested by
Host: snap.licdn.com
URL: http://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:4000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
http://www.dadahj.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
gzip
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
07uvCLUxHL8bSMYXD1AyPtJIgeNdW6HZaf_0ZCEkzmf7iJ9pWjmKYA==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1673529588265%26url%3Dhttp%253A%252F%252Fwww.dadahj.com%252Fwp-co...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&liSync=...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&liSync=true&e_ipv6=AQJ25goVOtThTQAAAYWmIvyqGp-uds0kcSevodJVy04oELE2hK3h4X4eDs53wGNrSm-3p4FmxWnh1rYQXHLgLuORk3az
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:49 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: BA76D791D3CE46AAA39B35532AE6D0E6 Ref B: FRAEDGE1420 Ref C: 2023-01-12T13:19:49Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXyEPiuTC8hkIQEQXVynQ==

Redirect headers

date
Thu, 12 Jan 2023 13:19:48 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A62999D52EB44AA6BBD8964C97BB3E02 Ref B: VIEEDGE1615 Ref C: 2023-01-12T13:19:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1673529588265&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&liSync=true&e_ipv6=AQJ25goVOtThTQAAAYWmIvyqGp-uds0kcSevodJVy04oELE2hK3h4X4eDs53wGNrSm-3p4FmxWnh1rYQXHLgLuORk3az
x-li-proto
http/2
content-length
0
x-li-uuid
AAXyEPiqpO5MSwosP0N26w==
up_loader.1.1.0.js
js.adsrvr.org/
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-65-116.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 06:03:06 GMT
Content-Encoding
gzip
Via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-C1
Age
26203
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
UpkaIUXiO6cuEu0Qyl0DjpePh6MRX6vpRqFy-E6bD0UQw-C8K6lWdQ==
10030245.json
s.yimg.com/wi/config/
2 B
485 B
XHR
General
Full URL
https://s.yimg.com/wi/config/10030245.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
GJYH6B4N743ZABYT
age
1
content-length
22
x-amz-id-2
0HChlhlLHZDtSizANYZGr4Lb822PWSorR5Z76TyME7JsdvXgdgoRtjR2o2QuzGRk1MWzduDxQUY=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
5140493269326436
connect.facebook.net/signals/config/
376 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/5140493269326436?v=2.9.91&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
06c186c73b1d1f057b96db42872391f6314ffddd554842dfa0a135de9c7bfb4c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 12 Jan 2023 13:19:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
PPc6GlBkxKOTCXu7LfrmLZE2t/CJYvBLgyxx5iTC8UcM4MIU5nRvTQmjMnVhOlYUJWP8Wq04bYOo80BypVI9qg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
5067672.js
bat.bing.com/p/action/
0
119 B
Script
General
Full URL
https://bat.bing.com/p/action/5067672.js
Requested by
Host: bat.bing.com
URL: http://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Thu, 12 Jan 2023 13:19:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DC8F9E98A9584F32B2970EA304230600 Ref B: DUS30EDGE0316 Ref C: 2023-01-12T13:19:48Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
177 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=8b6bba00-f9a1-456e-9edd-e12ae6c2e762&sid=c9d78560927b11eda8290ba04bf8dd16&vid=c9d7cd10927b11eda0305d8a5689b925&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&kw=Huntington%20bank%20mobile%20login,%20Huntington%20mobile,%20Huntington%20bank%20mobile%20&p=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&r=&lt=2363&evt=pageLoad&sv=1&rn=96699
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 12 Jan 2023 13:19:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 07FA8CA1FE5C4EA9A1FB0A2AB85C5FB9 Ref B: DUS30EDGE0316 Ref C: 2023-01-12T13:19:48Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
121 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=8b6bba00-f9a1-456e-9edd-e12ae6c2e762&sid=c9d78560927b11eda8290ba04bf8dd16&vid=c9d7cd10927b11eda0305d8a5689b925&vids=0&msclkid=N&ec=Visit&ea=Public&sw=1600&sh=1200&sc=24&evt=custom&rn=431255
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 12 Jan 2023 13:19:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 34B806939717462BAC33BD79F32F064D Ref B: DUS30EDGE0316 Ref C: 2023-01-12T13:19:48Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-conten...
10701487.fls.doubleclick.net/ Frame B210
Redirect Chain
  • https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-con...
  • https://10701487.fls.doubleclick.net/activityi;dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=ht...
570 B
482 B
Document
General
Full URL
https://10701487.fls.doubleclick.net/activityi;dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0?
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
3a28119ea014b24d5b03462e5a078ca45a3fc6cef94f6e427694666ee13fba62
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.dadahj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
306
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10701487.fls.doubleclick.net/activityi;dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
137 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e963a7b4c3e08cc0173cbfc6b1e15b40f55d88a2e2cb8c0c65905ba285867ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53782
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 13:19:48 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
activityi;dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplug...
10701487.fls.doubleclick.net/ Frame 66ED
Redirect Chain
  • https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fp...
  • https://10701487.fls.doubleclick.net/activityi;dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F...
562 B
472 B
Document
General
Full URL
https://10701487.fls.doubleclick.net/activityi;dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0?
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=DC-10701487
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
cafe /
Resource Hash
0eb40ff5ed31dbc3ec01dd94a75502d3a2d06dea78c516df8417b6575bd7ab41
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.dadahj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
300
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10701487.fls.doubleclick.net/activityi;dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
137 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8d90eceede7922b30f33b86a72acc22b3676fe130468a10f11c738d5d5992a5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53862
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 13:19:48 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
136 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
93b260fe36f13f0629445607c95012ced3c864ade68a5da3104d0fcca44cf5c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53764
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 13:19:48 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
181 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa31962d8b64c6f55c7fc3b7532b1e7dd4e345758899ef1f926964d01450f3e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67582
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 13:19:48 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
js
www.googletagmanager.com/gtag/
Redirect Chain
  • http://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
  • https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
181 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b50555409d8f09d6b82de80fa3c2e4931d67e4518f183826a5dbcb25baa3d60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67549
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Jan 2023 13:19:48 GMT

Redirect headers

Location
https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1673529588479&cv=11&fst=1673529588479&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=827217179.1673529588&data=event%3Dpage_view%3Badobeidappid%3D%7C&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9bd7bbd48995a59b9ac50003dac1489842d332164c6068554fca8c053a04510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
954
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
634 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2012%20Jan%202023%2013%3A19%3A48%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Thu, 12 Jan 2023 13:19:48 GMT
sp.pl
sp.analytics.yahoo.com/
43 B
246 B
Image
General
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&enc=UTF-8&yv=1.13.0&et=custom&ec=Visit&ea=Public&tagmgr=gtm%2Censighten
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Thu, 12 Jan 2023 13:19:48 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1673529588533&cv=11&fst=1673529588533&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=827217179.1673529588&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bb8e576747c0d7e3ceca77eba89df65456706e7361d4ba423d11f3d22fed2d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
937
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1673529588564&cv=11&fst=1673529588564&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=827217179.1673529588&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec4b15cd8d8e938fe24c35d95ed99a796ef4b0901be017aa339b464bca8d255b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
942
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
chatLoader.min.js
media-us1.digital.nuance.com/media/launch/
22 KB
7 KB
Script
General
Full URL
https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674
Requested by
Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4a::27 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Nuance Server /
Resource Hash
c989f3f65d9f4b9a70367cdf328c3b56b0cabcdf5792ff06d9cff7037adc1bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000;includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 12 Jan 2023 13:19:48 GMT
x-azure-ref-originshield
0xP2/YwAAAAAByfov/A8/TLGax9I3slc2RlJBMjMxMDUwNDE4MDI3AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
x-cache
TCP_HIT
x-xss-protection
1; mode=block
last-modified
Fri, 09 Dec 2022 01:07:42 GMT
server
Nuance Server
etag
W/"22376-1670548062000"
vary
accept-encoding
x-azure-ref
09AjAYwAAAAAX515CG/3SQ5Xt1eHWXJgNRlJBMzFFREdFMDkxMwBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1673529588623&cv=11&fst=1673529588623&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=827217179.1673529588&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87fecd7ad72f99e6062a065c550c05da440acc428cd9e0d1b0dba656d08a1668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
936
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1673529588654&cv=11&fst=1673529588654&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=827217179.1673529588&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba80ebab564550019baa06340d157c126574f1d6b3a7bdbe3d85a6ca8a4dc998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
940
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&rl=&if=false&ts=1673529588755&sw=1600&sh=1200&v=2.9.91&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1673529588750.1018137284&it=1673529588321&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=f1e6d44a-f08b-4c72-9c3e-878a52a556d8&rqm=GET
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 12 Jan 2023 13:19:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/849073348/
42 B
548 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/849073348/?random=1673529588533&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1659910360&rmt_tld=0&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/849073348/
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/849073348/?random=1673529588533&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1659910360&rmt_tld=1&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/849064376/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/849064376/?random=1673529588479&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dpage_view%3Badobeidappid%3D%7C&fmt=3&is_vtc=1&random=662485125&rmt_tld=0&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/849064376/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/849064376/?random=1673529588479&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dpage_view%3Badobeidappid%3D%7C&fmt=3&is_vtc=1&random=662485125&rmt_tld=1&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/786635084/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/786635084/?random=1673529588564&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2692595105&rmt_tld=0&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/786635084/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/786635084/?random=1673529588564&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2692595105&rmt_tld=1&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugin...
adservice.google.com/ddm/fls/i/ Frame 87F9
569 B
782 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Requested by
Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5af8a5f3fd6d3b1cc28a5c4b1d4cbbc38a9c690ef46c5b924555750861d092ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
314
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdown...
adservice.google.com/ddm/fls/i/ Frame D85E
561 B
368 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Requested by
Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4006a75b51b5cf305069c40963c444b04d6f7543986b918c38ed524627f081a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
298
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:48 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/391028924/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/391028924/?random=1673529588623&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=318391380&rmt_tld=0&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/391028924/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/391028924/?random=1673529588623&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=318391380&rmt_tld=1&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/849063932/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/849063932/?random=1673529588654&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1399360159&rmt_tld=0&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/849063932/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/849063932/?random=1673529588654&cv=11&fst=1673528400000&bg=ffffff&guid=ON&async=1&gtm=2oa1a1&u_w=1600&u_h=1200&frm=0&url=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1399360159&rmt_tld=1&ipr=y
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Jan 2023 13:19:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugin...
adservice.google.de/ddm/fls/i/ Frame A5E7
194 B
776 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CN_DlsWPwvwCFZAPaAgdpY4OwQ;src=10701487;type=global;cat=uvisit;ord=1;num=8359833235773;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:49 GMT
expires
Thu, 12 Jan 2023 13:19:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdown...
adservice.google.de/ddm/fls/i/ Frame E877
194 B
150 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKPHlsWPwvwCFb0HaAgdBvUMAQ;src=10701487;type=global;cat=allpv;ord=313001800087;gtm=2od1a1;auiddc=827217179.1673529588;u1=;u11=;~oref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 12 Jan 2023 13:19:49 GMT
expires
Thu, 12 Jan 2023 13:19:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
up
insight.adsrvr.org/track/ Frame 2137
0
182 B
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=l6jmegy&ref=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1673529588271
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.dadahj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Thu, 12 Jan 2023 13:19:49 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
nuanceChat.html
www.dadahj.com/nuance/ Frame 8F60
21 KB
5 KB
Document
General
Full URL
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Requested by
Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
7eb1d7451997acc9f3422af015175479d6a65af22219a332b117d9295c1abb96

Request headers

Referer
http://www.dadahj.com/wp-content/plugins/download-plugin/hunt/?user-agent=Mozilla/5.0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Jan 2023 13:19:49 GMT
Expires
Wed, 11 Jan 1984 05:00:00 GMT
Link
<http://www.dadahj.com/wp-json/>; rel="https://api.w.org/"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
104.css
www.dadahj.com/wp-content/themes/zt104/style/ Frame 8F60
10 KB
3 KB
Stylesheet
General
Full URL
http://www.dadahj.com/wp-content/themes/zt104/style/104.css
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
342c2b631665f31694587b0995b0f50e2e6d6e7cb5e1a9c45ec5cd0442be4f87

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 10:24:39 GMT
Server
nginx
ETag
W/"628cb267-2620"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
page.css
www.dadahj.com/wp-content/themes/zt104/style/ Frame 8F60
25 KB
6 KB
Stylesheet
General
Full URL
http://www.dadahj.com/wp-content/themes/zt104/style/page.css
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
73a294cdea56a118910952384459fbd6ada76d288adfbc8e2bb0ab1028b33937

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 10:24:40 GMT
Server
nginx
ETag
W/"628cb268-642c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
style.css
www.dadahj.com/wp-content/themes/zt104/style/ Frame 8F60
4 KB
2 KB
Stylesheet
General
Full URL
http://www.dadahj.com/wp-content/themes/zt104/style/style.css
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
ad6ef6c5ddd6dfd957769002de3e0832d12c3703022e9909522c12dc7b2ed7c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 10:24:40 GMT
Server
nginx
ETag
W/"628cb268-106d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
bootstrap.css
www.dadahj.com/wp-content/themes/zt104/style/ Frame 8F60
196 KB
31 KB
Stylesheet
General
Full URL
http://www.dadahj.com/wp-content/themes/zt104/style/bootstrap.css
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
6a7b54a8861b9d6e6f1df97b694191bdf713c55d378b1e11f38dbbf82894988f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 10:24:39 GMT
Server
nginx
ETag
W/"628cb267-30f4d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
pro.css
www.dadahj.com/wp-content/themes/zt104/style/ Frame 8F60
2 KB
1018 B
Stylesheet
General
Full URL
http://www.dadahj.com/wp-content/themes/zt104/style/pro.css
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
a5e138412ba11a5aa0f8aac180a80c81a88f524fba0daa0343cdd1dc8425d4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 10:24:40 GMT
Server
nginx
ETag
W/"628cb268-91e"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
jquery.min.js
www.dadahj.com/wp-content/themes/zt104/js/ Frame 8F60
95 KB
37 KB
Script
General
Full URL
http://www.dadahj.com/wp-content/themes/zt104/js/jquery.min.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
e7adc4b1920d8c2e88d13b019a1bc1500c3e873836d677c0465fd50d5b36a6b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 10:24:41 GMT
Server
nginx
ETag
W/"628cb269-17881"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
pic.js
www.dadahj.com/wp-content/themes/zt104/js/ Frame 8F60
9 KB
3 KB
Script
General
Full URL
http://www.dadahj.com/wp-content/themes/zt104/js/pic.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
a24d97bb6eb589b9a381c155609e238849084241e2e6519cdd3ab7af653c38a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 10:24:41 GMT
Server
nginx
ETag
W/"628cb269-1e73"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
style.min.css
www.dadahj.com/wp-includes/css/dist/block-library/ Frame 8F60
93 KB
15 KB
Stylesheet
General
Full URL
http://www.dadahj.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Jan 2023 08:21:52 GMT
Server
nginx
ETag
W/"63be71a0-172a9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:50 GMT
classic-themes.min.css
www.dadahj.com/wp-includes/css/ Frame 8F60
217 B
516 B
Stylesheet
General
Full URL
http://www.dadahj.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:50 GMT
Last-Modified
Wed, 11 Jan 2023 08:21:53 GMT
Server
nginx
ETag
"63be71a1-d9"
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
217
Expires
Fri, 13 Jan 2023 01:19:50 GMT
linkid.js
plugins.doubleclicks.biz/plugins/ua/ Frame 8F60
0
0
Script
General
Full URL
https://plugins.doubleclicks.biz/plugins/ua/linkid.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/themes/zt104/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1023 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

linkid.js
plugins.doubleclicks.biz/plugins/ua/ Frame 8F60
0
0
Script
General
Full URL
https://plugins.doubleclicks.biz/plugins/ua/linkid.js
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/wp-content/themes/zt104/js/pic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1023 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

wp-emoji-release.min.js
www.dadahj.com/wp-includes/js/ Frame 8F60
19 KB
6 KB
Script
General
Full URL
http://www.dadahj.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: www.dadahj.com
URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol
HTTP/1.1
Server
206.119.74.57 , United States, ASN8796 (FD-298-8796, US),
Reverse DNS
Software
nginx /
Resource Hash
b994f3ee6a29c5038e5e671910f57d382c3288a104b333822cf65ddc4ed11518

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Thu, 12 Jan 2023 13:19:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 22:35:46 GMT
Server
nginx
ETag
W/"628d5dc2-48b9"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Fri, 13 Jan 2023 01:19:51 GMT
trk
trk.clinch.co/ Frame A39A
Redirect Chain
  • http://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0...
  • https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5....
  • https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5....
79 B
254 B
Document
General
Full URL
https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&version=3.4&a=1673529591271&try2=true
Requested by
Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.217.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-217-250.compute-1.amazonaws.com
Software
clinch /
Resource Hash
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

Request headers

Referer
http://www.dadahj.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
content-length
79
content-type
text/html
date
Thu, 12 Jan 2023 13:19:51 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
clinch
x-robots-tag
none

Redirect headers

content-length
0
date
Thu, 12 Jan 2023 13:19:51 GMT
location
https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fwww.dadahj.com%2Fwp-content%2Fplugins%2Fdownload-plugin%2Fhunt%2F%3Fuser-agent%3DMozilla%2F5.0&version=3.4&a=1673529591271&try2=true
server
clinch

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontentvisibilityautostatechange object| _cf object| webpackChunkhuntington_com_toolkit object| ensBootstraps object| Bootstrapper number| _delay function| _log object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor object| _enslog object| chatFab object| nuanceData object| siteSurvey object| OOo object| OOoDynamicRewrite string| _linkedin_data_partner_id string| src function| clq function| _clq string| sName function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_AudienceManagement number| s_objectID number| s_giq object| s function| DIL object| uetq string| projectId string| pixelId object| dotq function| fbq function| _fbq object| dataLayer function| gtag function| lintrk boolean| _already_called_lintrk number| created_style object| YAHOO function| UET function| UET_init function| UET_push object| ueto_f5c1162f72 object| google_tag_manager object| google_tag_data function| ttd_dom_ready function| TTDUniversalPixelApi object| GooglebQhCsO function| evaluateLegacySettings function| wrapWithTryCatch function| secureProtocol function| getParentV3LanderConfig function| loadChat object| v3Lander object| v3LanderConfig object| InqRegistry object| __webpack_exports__

22 Cookies

Domain/Path Name / Value
www.dadahj.com/nuance Name: waf_sc
Value: 5889647726
.dadahj.com/ Name: oo_OODynamicRewrite_weight
Value: 0
.dadahj.com/ Name: oo_inv_percent
Value: 0
.dadahj.com/ Name: oo_inv_hit
Value: 1
.bing.com/ Name: MUID
Value: 1E494DE1EC2F60572F195F76EDEF6104
.dadahj.com/ Name: _uetsid
Value: c9d78560927b11eda8290ba04bf8dd16
.dadahj.com/ Name: _uetvid
Value: c9d7cd10927b11eda0305d8a5689b925
.dadahj.com/ Name: _gcl_au
Value: 1.1.827217179.1673529588
www.dadahj.com/ Name: ln_or
Value: eyIyOTE1NTQiOiJkIn0%3D
.linkedin.com/ Name: UserMatchHistory
Value: AQJJZFKOPO1tyAAAAYWmIvrt2H-Eyij6hoh2OlMFmDWg0nX19MkeMEHmOovoxx9dQ1nsioPoMSRGBQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQIHyal1hNFojAAAAYWmIvrtMbmmK9KY_GRSWvihyOS4jl7iYZFBWrFechFT7olngsxNzKXPYmSQWAshDVfLUA
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9d187b4f-b442-4880-823d-b10368baddd7"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2451:u=1:x=1:i=1673529588:t=1673615988:v=2:sig=AQH_uKnR7LaWXtXupERVgv-BQXbFR1PI"
.yahoo.com/ Name: A3
Value: d=AQABBPQIwGMCEE_JDFT3GFLvhS8AlWp-x48FEgEBAQFawWPJYwAAAAAA_eMAAA&S=AQAAAj_dR2NasGRazPcYV97kiEc
.doubleclick.net/ Name: IDE
Value: AHWqTUnaHWW4bI4JnYzg_hNxBlzpRUea6KOfwDw21pJe7F_rN8FOnqeHued7jdKw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.dadahj.com/ Name: _fbp
Value: fb.1.1673529588750.1018137284
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&202301121319487e7a98fe-1b2d-4906-8487-16b1247dc969AQG9g7l-BKYos6iIpNfZ1A78i0E6WDYi"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NzM1Mjk1ODg7MjswMjHxPi6jugd170RV/Y10HNEk6Es+SXmfi9P4tU1L5vktzw==
.clinch.co/ Name: clinch-sid
Value: 52cc12e9-911c-4e33-b418-4dc3e34ce9f6

11 Console Messages

Source Level URL
Text
network error URL: http://www.dadahj.com/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.dadahj.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.dadahj.com/Presentation/Scripts/jquery-3.4.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.dadahj.com/resources/b591cbd01221607a1bf7e89412ef77
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: http://www.dadahj.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://plugins.doubleclicks.biz/plugins/ua/linkid.js
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://plugins.doubleclicks.biz/plugins/ua/linkid.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: http://www.dadahj.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
