appmainsupport.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2fb5 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://appmainsupport.pages.dev/
Submission: On November 07 via api (November 7th 2022, 3:09:12 pm UTC) from US — Scanned from US

Summary HTTP 173 Redirects Links 154 Behaviour Indicators

Summary

This website contacted 26 IPs in 2 countries across 23 domains to perform 173 HTTP transactions. The main IP is 2606:4700:310c::ac42:2fb5, located in United States and belongs to CLOUDFLARENET, US. The main domain is appmainsupport.pages.dev.
TLS certificate: Issued by E1 on November 7th 2022. Valid for: 3 months.

This is the only time appmainsupport.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:310... 2606:4700:310c::ac42:2fb5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	23.49.248.132 23.49.248.132	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:210... 2600:9000:210b:b000:1:fb61:2b80:93a1	16509 (AMAZON-02) (AMAZON-02)
8	3.234.31.129 3.234.31.129	14618 (AMAZON-AES) (AMAZON-AES)
16	52.177.241.160 52.177.241.160	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2600:141b:13:... 2600:141b:13::1724:158	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2001:4998:14:... 2001:4998:14:800::1000	14777 (YAHOO) (YAHOO)
12	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
4	2600:1400:d::... 2600:1400:d::6878:d2ab	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 3	63.140.38.128 63.140.38.128	14618 (AMAZON-AES) (AMAZON-AES)
4	143.204.138.162 143.204.138.162	16509 (AMAZON-02) (AMAZON-02)
8	2620:1ec:40::40 2620:1ec:40::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4 8	142.250.80.6 142.250.80.6	15169 (GOOGLE) (GOOGLE)
4	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
10	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
5 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	104.18.98.194 104.18.98.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	54.209.93.43 54.209.93.43	14618 (AMAZON-AES) (AMAZON-AES)
1 8	35.71.131.137 35.71.131.137	() ()
1 1	52.45.33.138 52.45.33.138	() ()
1 1	69.173.151.100 69.173.151.100	() ()
1 1	142.251.40.194 142.251.40.194	() ()
2 2	68.67.179.155 68.67.179.155	() ()
1 2	192.40.39.223 192.40.39.223	() ()
2 2	35.211.178.172 35.211.178.172	() ()
2	2600:1f18:445... 2600:1f18:4457:4601:31c1:5f80:3feb:8028	() ()
173	26

7 2606:4700:310c::ac42:2fb5 (United States)

ASN13335 (CLOUDFLARENET, US)

appmainsupport.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 23.49.248.132 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-132.deploy.static.akamaitechnologies.com

www.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:210b:b000:1:fb61:2b80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.234.31.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-31-129.compute-1.amazonaws.com

ensighten.huntingtonbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.177.241.160 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

huntingtonbank.inq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::1724:158 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

cdn.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4998:14:800::1000 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1400:d::6878:d2ab (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.140.38.128 (United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-128.data.adobedc.net

smetrics.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.138.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2620:1ec:40::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

media-us1.digital.nuance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.80.6 (Glen Cove, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f6.1e100.net

10701487.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 5 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.98.194 (Shahr, Iran, Islamic Republic Of) 1 redirects

ASN13335 (CLOUDFLARENET, US)

p.adsymptotic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.209.93.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-93-43.compute-1.amazonaws.com

trk.clinch.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.71.131.137 (None, ) 1 redirects

ASN- ()

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.33.138 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.194 (None, ) 1 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.155 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (None, ) 1 redirects

ASN- ()

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:4457:4601:31c1:5f80:3feb:8028 (None, )

ASN- ()

api.levelaccess.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	huntington.com 1 redirects www.huntington.com — Cisco Umbrella Rank: 97842 smetrics.huntington.com — Cisco Umbrella Rank: 89237	1 MB
19	doubleclick.net 5 redirects 10701487.fls.doubleclick.net — Cisco Umbrella Rank: 215166 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 cm.g.doubleclick.net	13 KB
16	inq.com huntingtonbank.inq.com — Cisco Umbrella Rank: 189389	20 KB
14	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
12	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 2063 insight.adsrvr.org match.adsrvr.org	18 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	657 KB
8	nuance.com media-us1.digital.nuance.com — Cisco Umbrella Rank: 13417	502 KB
8	bing.com bat.bing.com — Cisco Umbrella Rank: 616	24 KB
8	huntingtonbank.com ensighten.huntingtonbank.com — Cisco Umbrella Rank: 188199	205 KB
7	linkedin.com 7 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 815 www.linkedin.com — Cisco Umbrella Rank: 745 px4.ads.linkedin.com — Cisco Umbrella Rank: 7246	4 KB
7	pages.dev appmainsupport.pages.dev	56 KB
6	clinch.co 2 redirects cdn.clinch.co — Cisco Umbrella Rank: 7843 trk.clinch.co — Cisco Umbrella Rank: 5166	11 KB
5	yahoo.com 1 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1612 ups.analytics.yahoo.com	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	223 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1420	8 KB
4	yimg.com s.yimg.com — Cisco Umbrella Rank: 617	13 KB
4	levelaccess.net cdn.levelaccess.net — Cisco Umbrella Rank: 20701 api.levelaccess.net	124 KB
3	adsymptotic.com 1 redirects p.adsymptotic.com — Cisco Umbrella Rank: 926	585 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	914 B
173	23

	Domain	Requested by
38	www.huntington.com	appmainsupport.pages.dev www.huntington.com
16	huntingtonbank.inq.com	www.huntington.com media-us1.digital.nuance.com huntingtonbank.inq.com
12	www.googletagmanager.com	ensighten.huntingtonbank.com www.googletagmanager.com
10	www.google.com	appmainsupport.pages.dev
10	googleads.g.doubleclick.net	www.googletagmanager.com
8	10701487.fls.doubleclick.net	4 redirects www.googletagmanager.com
8	media-us1.digital.nuance.com	huntingtonbank.inq.com media-us1.digital.nuance.com
8	bat.bing.com	ensighten.huntingtonbank.com bat.bing.com appmainsupport.pages.dev
8	ensighten.huntingtonbank.com	appmainsupport.pages.dev ensighten.huntingtonbank.com
7	appmainsupport.pages.dev	media-us1.digital.nuance.com www.huntington.com
6	match.adsrvr.org	js.adsrvr.org
4	trk.clinch.co	2 redirects cdn.clinch.co
4	px.ads.linkedin.com	4 redirects
4	adservice.google.com	10701487.fls.doubleclick.net
4	sp.analytics.yahoo.com	appmainsupport.pages.dev
4	js.adsrvr.org	ensighten.huntingtonbank.com match.adsrvr.org insight.adsrvr.org
4	connect.facebook.net	ensighten.huntingtonbank.com connect.facebook.net
4	snap.licdn.com	ensighten.huntingtonbank.com snap.licdn.com
4	s.yimg.com	ensighten.huntingtonbank.com www.huntington.com
3	p.adsymptotic.com	1 redirects appmainsupport.pages.dev
3	smetrics.huntington.com	1 redirects appmainsupport.pages.dev
2	api.levelaccess.net	www.huntington.com
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	1 redirects js.adsrvr.org
2	ib.adnxs.com	2 redirects
2	insight.adsrvr.org	1 redirects js.adsrvr.org
2	www.facebook.com	appmainsupport.pages.dev
2	px4.ads.linkedin.com	2 redirects
2	cdn.clinch.co	ensighten.huntingtonbank.com
2	cdn.levelaccess.net	appmainsupport.pages.dev
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	www.linkedin.com	1 redirects
173	34

This site contains links to these domains. Also see Links.

Domain
outdatedbrowser.com
www.huntington.com
www.huntington-ir.com
pages.huntington-email.com
redirect.hbgo.mobi
selfservice.huntington.com
cms.huntington.com
huntingtoncc.fdecs.com
escrowsolutions.huntington.com
myapps.paychex.com
ht.businessonlinepayroll.com
investor.wealthscape.com
login2.fisglobal.com
go-retire.com
www.govone.com
tcf.itms-online.com
receivables.regulusgroup.com
hnblockbox.huntington.com
huntington-ir.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com

Subject Issuer	Validity	Valid
*.appmainsupport.pages.dev E1	`2022-11-07` - `2023-02-05`	3 months	crt.sh
huntington.com DigiCert SHA2 Extended Validation Server CA	`2022-05-10` - `2023-05-12`	a year	crt.sh
cdn.levelaccess.net Amazon	`2022-01-30` - `2023-02-27`	a year	crt.sh
ensighten.huntingtonbank.com Entrust Certification Authority - L1K	`2022-05-24` - `2023-06-23`	a year	crt.sh
*.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.clinch.co DigiCert TLS RSA SHA256 2020 CA1	`2022-07-25` - `2023-07-27`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-17` - `2022-12-07`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-16` - `2022-11-14`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2022-09-14` - `2023-10-12`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
smetrics.huntington.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-28` - `2023-04-28`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-01-15` - `2023-01-13`	a year	crt.sh
api.levelaccess.net Amazon	`2022-01-30` - `2023-02-28`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://appmainsupport.pages.dev/
Frame ID: 6FF641600BF445A8C7FC491CC8307EE7
Requests: 71 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F
Frame ID: B94708D34E69DB976F67923791F2CAFB
Requests: 1 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F
Frame ID: C8E531B0594D26779D2CA3A766197D98
Requests: 1 HTTP requests in this frame

Frame: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Frame ID: EB2174D90194E67CC1A88A02965EDA5E
Requests: 70 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F
Frame ID: BAA6506CBE720F83EA39B243E47AD06A
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F
Frame ID: EE5930E898D3696058D6B5055E5FFDA4
Requests: 1 HTTP requests in this frame

Frame: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2F&version=3.4&a=1667833736049&try2=true
Frame ID: A367FD40B81E46024A0CCFEE82647324
Requests: 1 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0
Frame ID: 0988E24451E2BEF34A214523BEC14D0E
Requests: 2 HTTP requests in this frame

Frame: https://10701487.fls.doubleclick.net/activityi;dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0
Frame ID: 2A3DD8354AE62177B438BAE3603A666C
Requests: 2 HTTP requests in this frame

Frame: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
Frame ID: 8C2328B8F89C0A28A13DA8C43555C5F4
Requests: 12 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=17106882433826507687044402830888202414
Frame ID: 57B4B0BFFC037543E7541546B114719D
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-iNoMUN1E2uJUL.Mi7_DMdm433aUCo9I-~A&gdpr=0&gdpr_consent=
Frame ID: D18461C88E643AEB4EC5DD044F3BCA20
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: EA729621308B7E827FFDEB594069C0A6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8&google_gid=CAESENBSqL_vFrv5HqWYFNyvf88&google_cver=1
Frame ID: 542236ED9364A0B95D27D2BDD90D51D8
Requests: 1 HTTP requests in this frame

Frame: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&version=3.4&a=1667833741779&try2=true
Frame ID: D8C58675A33D5961A29270F518287C68
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833732642&td1=pub:%20mobile%20login
Frame ID: 9FA952DBF610F583838A3657A4F9EFAC
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8209074457504944105&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8
Frame ID: 9A7001EBFD774D9370A8D91E56BE48D3
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expiration=1670425742&gdpr=0&gdpr_consent=&C=1
Frame ID: 70769F34CE6179B3378377C075439123
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 803DC5223702993CB50DDBD28661C9C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mobile Banking Login | Huntington BankChat with a bankerClose FlagSearchErrorErrorErrorErrorErrorVisit Huntington's Facebook pageVisit Huntington's Twitter feedVisit Huntington's Instagram pageVisit Huntington's YouTube pageVisit Huntington's LinkedIn page

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

173
Requests

95 %
HTTPS

47 %
IPv6

23
Domains

34
Subdomains

26
IPs

2
Countries

3062 kB
Transfer

8589 kB
Size

42
Cookies

154 Outgoing links

These are links going to different origins than the main page.

URL: http://outdatedbrowser.com/
Title: Upgrade your browser

Search URL Search Domain Scan URL

URL: https://www.huntington.com/

Search URL Search Domain Scan URL

URL: https://www.huntington.com/customer-service/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.huntington.com/applyonline
Title: Open an Account

Search URL Search Domain Scan URL

URL: https://www.huntington.com/customer-service
Title: Customer Service

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Community
Title: Community

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security
Title: Security

Search URL Search Domain Scan URL

URL: https://www.huntington.com/branchlocator
Title: Find a branch

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal
Title: Personal

Search URL Search Domain Scan URL

URL: https://www.huntington.com/private-bank
Title: Private Bank

Search URL Search Domain Scan URL

URL: https://www.huntington.com/SmallBusiness
Title: Business

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Commercial
Title: Commercial

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mobile-banking/Zelle
Title: Zelle

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/checking-basics/routing-number
Title: Routing Number

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/checking-basics/ordering-checks
Title: Order Checks

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/credit-card
Title: Credit Card

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking
Title: Compare Checking Accounts & Apply

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/asterisk-free-checking
Title: Asterisk-Free Checking®

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/perks
Title: Huntington Perks Checking℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/platinum-perks
Title: Huntington Platinum Perks Checking℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/smartinvest
Title: Huntington SmartInvest Checking℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/student
Title: Student Banking

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/account-features
Title: Checking Account Benefits

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/24-hour-grace-overdraft-fee-relief
Title: 24-Hour Grace® Overdraft Fee Relief

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/checking-basics/overdraft-fees-explained
Title: Overdraft Fees Explained

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/early-pay
Title: Early Pay

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/standby-cash
Title: Standby Cash®

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/check-deposit-availability
Title: Check Deposit Availability

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/money-scout
Title: Money Scout®

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/safety-zone
Title: $50 Safety Zone℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/platinum-debit-card
Title: Platinum Debit Card

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/checking/mobile-payments
Title: Mobile Payments

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/savings-cds-overview
Title: Compare Savings Accounts & Apply

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/savings-cds-overview/relationship-money-market-account
Title: Huntington® Relationship Money Market Account

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/savings-cds-overview/smartinvest-money-market-account
Title: Huntington SmartInvest Money Market℠ Account

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/savings-cds-overview/money-market-ira
Title: Huntington® Money Market Account IRA

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/savings-cds-overview/relationship-savings-account
Title: Huntington® Relationship Savings

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/savings-cds-overview/premier-savings-account
Title: Huntington® Premier Savings

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/savings-cds-overview/certificates-of-deposit
Title: Certificate Of Deposit (CDs)

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/credit-card/cash-back-card
Title: Huntington® Cashback Credit Card

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/credit-card/voice-rewards-credit-card
Title: Huntington Voice Rewards Credit Card℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/credit-card/voice-low-rate-credit-card
Title: Huntington Voice Credit Card®

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/credit-card/osu-credit-card
Title: The Ohio State Voice Credit Card®

Search URL Search Domain Scan URL

URL: https://www.huntington.com/military-banking
Title: Military Banking Overview

Search URL Search Domain Scan URL

URL: https://www.huntington.com/military-banking/servicemembers-civil-relief-act
Title: Servicemembers Civil Relief Act

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison
Title: Compare Home Loans

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/mortgage-loan-comparison
Title: Mortgage Loan Comparison

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/mortgage-loan-comparison/fixed-rate-loan
Title: Fixed Rate Loan

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/mortgage-loan-comparison/adjustable-rate-mortgages
Title: Adjustable Rate Mortgages

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/mortgage-loan-comparison/fha-va-usda-loans
Title: FHA/VA/USDA Loans

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/home-equity-comparison
Title: Home Equity Comparison

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/home-equity-comparison/first-mortgage-equity-loans
Title: First Mortgage Equity Loan

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/home-equity-comparison/home-equity-loan
Title: Home Equity Loan

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/home-equity-comparison/home-equity-lines-of-credit
Title: Home Equity Lines of Credit

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages
Title: Specialty Mortgage Comparison

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/physician-only-loan
Title: Physicians Only

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/jumbo-loans
Title: Jumbo

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/homestyle-renovation-loan
Title: HomeStyle Renovation

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/construction-loan
Title: Construction

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/state-bond-down-payment-assistance-programs
Title: State Bond

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/employee-relocation-services
Title: Employee Relocation Services

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/third-party-lending-services
Title: Third Party Lending Services

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/specialty-mortgages/personal-loans
Title: Personal Loans

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/auto-loans-overview
Title: Auto Loans Overview

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/auto-loans-overview/auto-loans
Title: Auto Loans

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/auto-loans-overview/auto-buying-resources
Title: Auto Buying Resources

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mortgage-education-tools
Title: Mortgage 101: Our Tips & Tools

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mortgage-education-tools/payment-help
Title: Payment Assistance

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mortgage-education-tools/find-a-mortgage-loan-officer
Title: Find A Loan Officer

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/mortgage-loan-comparison/rate-quote
Title: Get A Rate Quote

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Lending-comparison/mortgage-loan-comparison/reo-listings
Title: REO Property Listings

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Investments-Overview
Title: Investments Overview

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Investments-Overview/advisory-satisfaction-promise
Title: Advisory Satisfaction Promise

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Investments-Overview/disclosures
Title: Disclosure Documents

Search URL Search Domain Scan URL

URL: https://www.huntington.com/private-bank/solutions/trust-estate-planning
Title: Trust & Estate Management

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Investments-Overview/invest
Title: Grow & Manage Wealth

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Investments-Overview/protect
Title: Managing Financial Risks

Search URL Search Domain Scan URL

URL: https://www.huntington.com/private-bank/priorities/plan-for-retirement
Title: Planning for Retirement

Search URL Search Domain Scan URL

URL: https://www.huntington.com/private-bank/solutions/financial-retirement-planning
Title: Retirement Planning Services

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/insurance
Title: Insurance Overview

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/insurance/home
Title: Home

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/insurance/life
Title: Life

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/insurance/motor-vehicle
Title: Motor Vehicle

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/insurance/residential-title
Title: Residential Title

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn
Title: All Categories

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/checking-basics
Title: Checking Basics

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/budgeting
Title: Budgeting & Spending

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/saving
Title: Saving Money

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/credit-debt
Title: Credit, Debt, & Loans

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/college-career
Title: College & Career

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/home-auto
Title: Home & Auto

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/invest-retire
Title: Investing & Retirement

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/Calculators-Educators
Title: Financial Calculators

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/checking-basics/how-to-write-a-check
Title: How to Write a Check

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/credit-debt/build-credit
Title: How to Build Credit

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/home-auto/tips-for-first-time-homebuyers
Title: Tips for First-Time Homebuyers

Search URL Search Domain Scan URL

URL: https://www.huntington.com/learn/college-career/how-much-college-debt
Title: Is College Debt Worth It?

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/digital-banking-tools
Title: Digital Banking Overview

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/heads-up
Title: Huntington Heads Up®

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/spend-analysis
Title: Spend Analysis

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/spend-setter
Title: Spend Setter℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/savings-goal-getter
Title: Savings Goal Getter℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/look-ahead-calendar
Title: Look Ahead Calendar℠

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/investcloud
Title: Investments Dashboard

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking
Title: Personal Online Banking Overview

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/bill-pay
Title: Bill Pay

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/online-banking/online-mortgages
Title: Online Mortgages

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mobile-banking
Title: Mobile Banking Overview

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mobile-banking/mobile-apps
Title: Mobile Banking App

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mobile-banking/mobile-atm-deposit
Title: Mobile & ATM Deposit

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Personal/mobile-banking/mobile-banking-faq
Title: Mobile Banking FAQ

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/prevent/phishing-scams
Title: Understanding Phishing

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/password-security
Title: Improve Your Passwords

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/prevent/online-banking-security
Title: Online Banking Security

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/prevent/debit-credit-card-security
Title: Debit & Credit Card Security Tips

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/prevent/personal-online-tips
Title: Tips for You & Your Family

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/prevent/business-online-tips
Title: Tips for Your Business

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/monitor/fraud-alerts
Title: Sign Up for Fraud Alerts

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/monitor/common-scams-fraud
Title: Common Types of Fraud & Scams

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/monitor/monitor-info
Title: Tips for Monitoring Accounts

Search URL Search Domain Scan URL

URL: https://www.huntington.com/-/media/pdf/Rebuilding-Your-Identity---Fact-Sheet.pdf?rev=cc94ad167ccc4f8ca50668164f8598e6
Title: Rebuilding Your Identity Guide

Search URL Search Domain Scan URL

URL: https://www.huntington.com/About-Us
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.huntington.com/site_map
Title: Site Map

Search URL Search Domain Scan URL

URL: https://www.huntington.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: http://www.huntington-ir.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://pages.huntington-email.com/page.aspx?QS=c76003443ff9837d789f6f72fadb8d969a48c977aab19627
Title: Email Unsubscribe

Search URL Search Domain Scan URL

URL: https://www.huntington.com/fdicnotice
Title: FDIC Notice

Search URL Search Domain Scan URL

URL: http://redirect.hbgo.mobi/
Title: Download

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/account/forgotusername
Title: Forgot Username?

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/ForgotPassword/3
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/Enrollment/3
Title: Enroll Now

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Commercial/online-services
Title: Learn More

Search URL Search Domain Scan URL

URL: https://cms.huntington.com/
Title: Asset Based Lending

Search URL Search Domain Scan URL

URL: https://huntingtoncc.fdecs.com/
Title: Commercial eCustomerService

Search URL Search Domain Scan URL

URL: https://escrowsolutions.huntington.com/aews
Title: Escrow Solutions

Search URL Search Domain Scan URL

URL: https://myapps.paychex.com/landing_remote/login.do?TYPE=33554433&REALMOID=06-fd3ba6b8-7a2f-1013-ba03-83af2ce30cb3&GUID&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=09PZJoiHr8jiAF1z4DL6SopY5OyRzoKSeZ4yIhpJe7nkRdeIwtlMrg0rd7X3FRDM&TARGET=-SM-https%3a%2f%2fmyapps.paychex.com%2f
Title: Payroll - Paychex

Search URL Search Domain Scan URL

URL: https://ht.businessonlinepayroll.com/SPF/login/ee_auth.aspx
Title: Payroll - SurePayroll

Search URL Search Domain Scan URL

URL: https://investor.wealthscape.com/huntington/
Title: Online Investments

Search URL Search Domain Scan URL

URL: https://login2.fisglobal.com/idp/HUNTRPWL/?ClientID=WebLinkUI
Title: Online Trust

Search URL Search Domain Scan URL

URL: https://go-retire.com/huntington
Title: Retirement Plan Portal

Search URL Search Domain Scan URL

URL: https://www.govone.com/TPP/huntington/Account/Logon
Title: Smart Tax

Search URL Search Domain Scan URL

URL: https://tcf.itms-online.com/TCFBankDefault.aspx
Title: Remote Deposit Capture (TCF)

Search URL Search Domain Scan URL

URL: https://receivables.regulusgroup.com/Lockbox/Authentication/PSGLogin.aspx?C873BC=2m7n+1zoBTI=&screenWidth=1920
Title: Lockbox (Exela)

Search URL Search Domain Scan URL

URL: https://hnblockbox.huntington.com/
Title: Lockbox (CheckAlt)

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Commercial/credit-loans-leasing/equipment-financing-leasing/make-a-payment
Title: Equipment Financing & Leasing

Search URL Search Domain Scan URL

URL: http://huntington-ir.com/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/privacy-policies
Title: Privacy Policies

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.huntington.com/email
Title: Email Updates

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HuntingtonBank
Title: Visit Huntington's Facebook page

Search URL Search Domain Scan URL

URL: https://twitter.com/Huntington_Bank
Title: Visit Huntington's Twitter feed

Search URL Search Domain Scan URL

URL: https://www.instagram.com/huntingtonbank/?hl=en
Title: Visit Huntington's Instagram page

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/HuntingtonBank
Title: Visit Huntington's YouTube page

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/huntington-national-bank
Title: Visit Huntington's LinkedIn page

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s96648082445892?AQB=1&ndh=1&pf=1&t=7%2F10%2F2022%2015%3A8%3A52%201%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=https%3A%2F%2Fappmainsupport.pages.dev%2F&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=appmainsupport.pages.dev%2F&v19=12%3A50%20PM%7CSunday&c28=12%3A50%20PM%7CSunday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1 HTTP 302
https://smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s96648082445892?AQB=1&pccr=true&vidn=31B48FC2DED7CFF9-600012954BA0EEDD&ndh=1&pf=1&t=7%2F10%2F2022%2015%3A8%3A52%201%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=https%3A%2F%2Fappmainsupport.pages.dev%2F&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=appmainsupport.pages.dev%2F&v19=12%3A50%20PM%7CSunday&c28=12%3A50%20PM%7CSunday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1

Request Chain 41

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F HTTP 302
https://10701487.fls.doubleclick.net/activityi;dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F

Request Chain 43

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F HTTP 302
https://10701487.fls.doubleclick.net/activityi;dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F

Request Chain 79

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1667833734853%26url%3Dhttps%253A%252F%252Fappmainsupport.pages.dev%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&cookiesTest=true&liSync=true&e_ipv6=AQJQzcuneas4GwAAAYRSoymxft2M0pOqWJts_08TJBrYM7eJpRaDny8JFNY8lWgHcDY HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db&_expected_cookie=428df7eb67572c1823a46f41b076ea28

Request Chain 87

https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2F&version=3.4&a=1667833736049 HTTP 302
https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2F&version=3.4&a=1667833736049&try2=true

Request Chain 110

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0 HTTP 302
https://10701487.fls.doubleclick.net/activityi;dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0

Request Chain 112

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0 HTTP 302
https://10701487.fls.doubleclick.net/activityi;dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0

Request Chain 130

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833739742&url=https%3A%2F%2Fappmainsupport.pages.dev%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833739742&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&e_ipv6=AQI6Ufx7HehFzwAAAYRSozoDVYIdoxhpc3WSehLdyhLwHZ8N_jdmro495hvJYlYR-bw HTTP 302
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db

Request Chain 141

https://insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=17106882433826507687044402830888202414 HTTP 302
https://match.adsrvr.org/track/upb/?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=17106882433826507687044402830888202414

Request Chain 155

https://ups.analytics.yahoo.com/ups/55953/sync?uid=d1433a20-53a3-4b04-92a6-04d0aee674d8&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-iNoMUN1E2uJUL.Mi7_DMdm433aUCo9I-~A&gdpr=0&gdpr_consent=

Request Chain 156

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d1433a20-53a3-4b04-92a6-04d0aee674d8&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 157

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDE0MzNhMjAtNTNhMy00YjA0LTkyYTYtMDRkMGFlZTY3NGQ4&gdpr=0&gdpr_consent=&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8&google_gid=CAESENBSqL_vFrv5HqWYFNyvf88&google_cver=1

Request Chain 159

https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&version=3.4&a=1667833741779 HTTP 302
https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&version=3.4&a=1667833741779&try2=true

Request Chain 164

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dd1433a20-53a3-4b04-92a6-04d0aee674d8 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8209074457504944105&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8

Request Chain 165

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expiration=1670425742&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expiration=1670425742&gdpr=0&gdpr_consent=&C=1

Request Chain 166

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

173 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
appmainsupport.pages.dev/ 165 KB
27 KB 212ms
111ms Document
text/html 2606:4700:310c::ac42:2fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2fb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

607d5d5769fcfaddfd2c76689c405261347e854810ba2bf9a0d202db05a4da28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 7666fc88a8f3e25c-ORD
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 15:08:49 GMT
etag: W/"c99511ae04a337f74c5d4e87e08b20be"
link: <https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1>; rel="preload"; as=style
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8crs2PlAVLZmSxYnO0NIGe2ruG%2Fst3Gh7hYfZ4py6r81RnqpF9M6YOMgx3ZTRHTR7sgLDKXgOilL7gF3B4SaqtGIbbeY999j3m3HfGw3IQQZA0HE4u%2BbGFMG3izwHbL8hEcAWIWzcuPpdwRImf70vRP0CkcBT94%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 site-survey.min.css
www.huntington.com/Presentation/Styles/ 4 KB
2 KB 291ms
51ms Stylesheet
text/css 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:49 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="1375679757"
content-length: 1249
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
etag: "01efff054ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1985253
accept-ranges: bytes
expires: Wed, 30 Nov 2022 14:36:22 GMT

GET
H2 200 ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js Show response
www.huntington.com/ 221 KB
95 KB 367ms
131ms Script
text/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

82c756747cfacd6402573e4ca875ef768a68c5f5f3c0050f2f0e62d5ca7e87b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:49 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 96220
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: Microsoft-IIS/10.0
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=220804
expires: Thu, 10 Nov 2022 04:28:53 GMT

GET
H2 200 HuntingtonApexWeb-Medium.woff2
www.huntington.com/Presentation/fonts/ 20 KB
20 KB 286ms
50ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1966533559", dtTao;desc="1"
content-length: 19976
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858283
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:12 GMT

GET
H2 200 HuntingtonApexWeb-Bold.woff2
www.huntington.com/Presentation/fonts/ 19 KB
20 KB 323ms
87ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="510590554", dtTao;desc="1"
content-length: 19712
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:37 GMT
etag: "0f1cdef54ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1379434
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 14:19:23 GMT

GET
H2 200 HuntingtonApexWeb-MediumCaps.woff2
www.huntington.com/Presentation/fonts/ 18 KB
19 KB 342ms
107ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1692350004", dtTao;desc="1"
content-length: 18636
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858284
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:13 GMT

GET
H2 200 muli-v11-latin-700.woff2
www.huntington.com/Presentation/fonts/ 17 KB
17 KB 364ms
130ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/muli-v11-latin-700.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-664460755", dtTao;desc="1"
content-length: 17128
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858284
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:13 GMT

GET
H2 200 muli-v11-latin-300.woff2
www.huntington.com/Presentation/fonts/ 16 KB
17 KB 380ms
146ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/muli-v11-latin-300.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="666460901", dtTao;desc="1"
content-length: 16872
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jul 2022 18:23:13 GMT
etag: "055e39b9c9bd81:0:dtagent102372203280754004oXK"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858227
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:19:16 GMT

GET
H2 200 muli-v11-latin-600.woff2
www.huntington.com/Presentation/fonts/ 17 KB
17 KB 385ms
151ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/muli-v11-latin-600.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:49 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-626641094", dtTao;desc="1"
content-length: 17080
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858284
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:13 GMT

GET
H2 200 toolkit.min.css
www.huntington.com/Presentation/Styles/ 388 KB
76 KB 323ms
90ms Stylesheet
text/css 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=EBoUWx4LcGcf9Ufq5ISQKILsheH6ePHAToYU28suVeQ1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a32dc750905bcf773957dd62d410bfd8b049cf9317317fd9e8524a9c014365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:49 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="2060064781"
content-length: 77595
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Oct 2022 19:41:06 GMT
etag: "0f59ebaf2e3d81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1418780
accept-ranges: bytes
expires: Thu, 24 Nov 2022 01:15:09 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.huntington.com/Presentation/Scripts/ 87 KB
36 KB 288ms
56ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/jquery-3.5.1.min.js

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:49 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-596514542"
content-length: 36067
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
etag: "01efff054ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1858283
accept-ranges: bytes
expires: Tue, 29 Nov 2022 03:20:12 GMT

GET
H2 200 toolkit.min.js Show response
www.huntington.com/Presentation/Scripts/ 503 KB
167 KB 57ms
56ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/toolkit.min.js?v=giXd8gSPyZdR2ExruPkmDHreimkiS2nO7QTJVDxt27s1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

54ab4266171afb1f12c5271d078e18b8ce0b43336445b4315069ea37465e8fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:50 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="467758740"
content-length: 170444
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Oct 2022 19:41:06 GMT
etag: "0f59ebaf2e3d81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
expires: Mon, 07 Nov 2022 15:08:50 GMT

GET
H/1.1 200
OK access.js Show response
cdn.levelaccess.net/accessjs/YW1wX2h1bnRpbmd0b24xMTAw/ 461 KB
62 KB 238ms
54ms Script
application/javascript 2600:9000:210b:b000:1:fb61:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.levelaccess.net/accessjs/YW1wX2h1bnRpbmd0b24xMTAw/access.js
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:b000:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d596154976c6ed50f604245cc6ded9f208d27e4f780fb7c5e937dad700ee1b9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: mYLHPInXvKzp8AwW2k_umeVHlhAunVbI
Content-Encoding: gzip
Via: 1.1 1390ccfba3b832e28ba659d704aa57ba.cloudfront.net (CloudFront)
Date: Mon, 07 Nov 2022 14:57:05 GMT
X-Amz-Cf-Pop: EWR53-C3
Age: 706
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 62484
Last-Modified: Thu, 18 Aug 2022 11:17:24 GMT
Server: AmazonS3
ETag: "10c21619ee80ae45b981718b4000be33"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: -0MwOmf4rIp6MdtTbljHGUYx0k_4OvBj68wEii3lJ5tZCC6HYEyvZw==

GET
H2 200 Bootstrap.js Show response
ensighten.huntingtonbank.com/huntington/com/ 227 KB
68 KB 247ms
101ms Script
application/javascript 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ed714045f032d532a1b487d27bb65e3211ffaf762eab060c036eeeaddc239575

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:49 GMT
x-amz-version-id: V.cNEnwifs62cdv5ByWLsKcCB2aap3KG
content-encoding: br
via: 1.1 782e548cb0b1b64c63d995fc59568b48.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 403623
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 01:03:34 GMT
server: nginx
etag: W/"a8be19592d40f71ad76b452dbe4ead56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: TOZjdit3ap1LCpVALzbOapxArfOl9dVDEy6pOF89eDiNotr9AVvFIA==

GET
H2 200 lockup.svg
www.huntington.com/-/media/hcom/global/logo/ 4 KB
2 KB 69ms
68ms Image
image/svg+xml 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

38c973e72b29d0c5f054034abecb6f92d1f30fac5aeeb5d0300de1cce156ade3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:50 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-disposition: inline; filename="lockup.svg"
server-timing: dtRpid;desc="1058447365"
content-length: 1578
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jul 2020 14:26:49 GMT
etag: 25ac81b1cb8b4557ac63e0186de9a92b
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2044590
accept-ranges: bytes
expires: Thu, 01 Dec 2022 07:05:20 GMT

GET
H2 200 chat-fab.js Show response
www.huntington.com/Presentation/Scripts/ 19 KB
7 KB 64ms
63ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:50 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="577783886"
content-length: 7010
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:38 GMT
etag: "0f1cdef54ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=335752
accept-ranges: bytes
expires: Fri, 11 Nov 2022 12:24:42 GMT

GET
H2 200 EHL_Black_HouseOnly.svg
www.huntington.com/-/media/hcom/Icons/ 764 B
1 KB 86ms
81ms Image
image/svg+xml 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:50 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-disposition: inline; filename="EHL_Black_HouseOnly.svg"
server-timing: dtSInfo;desc="0", dtRpid;desc="2136463186"
content-length: 764
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Mar 2022 19:24:24 GMT
etag: 57637a2d5858427aba58213dfd85741c
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=2591406
accept-ranges: bytes
expires: Wed, 07 Dec 2022 14:58:56 GMT

GET
H2 200 logo-honeycomb.svg
www.huntington.com/-/media/hcom/global/logo/ 862 B
943 B 82ms
81ms Image
image/svg+xml 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

fab5a7680cedf011da8f0363b4a4d58a7adbdaae881af4034ae00f0f7231e792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:50 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-disposition: inline; filename="logo-honeycomb.svg"
server-timing: dtRpid;desc="938876142"
content-length: 449
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2017 15:39:44 GMT
etag: 2d91d2b82c4a40438297b714b6e7ceb5
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2065792
accept-ranges: bytes
expires: Thu, 01 Dec 2022 12:58:42 GMT

GET
H2 200 site-survey.min.js Show response
www.huntington.com/Presentation/Scripts/ 7 KB
3 KB 69ms
68ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:50 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1061898552"
content-length: 3053
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Sep 2022 18:59:22 GMT
etag: "0e13fefa2c7d81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=508156
accept-ranges: bytes
expires: Sun, 13 Nov 2022 12:18:06 GMT

GET
H2 200 RqUUkB Show response
www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/ 191 KB
76 KB 365ms
364ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a9e034c83417931e346679b955b6784343d14be49c84d4a2d3c4e81f164bea4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:50 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 17:56:27 GMT
etag: "24db78a5666c71c76d6aa17ff83216b2e26cb893b863c3de0795fd3637ef3f2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
expires: Wed, 07 Dec 2022 15:08:32 GMT

GET
H2 200 serverComponent.php Show response
ensighten.huntingtonbank.com/huntington/com/ 320 B
554 B 73ms
72ms Script
text/javascript 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/com/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Tue%20Oct%2025%2001:03:31%20GMT%202022&ClientID=1035&PageID=https%3A%2F%2Fappmainsupport.pages.dev%2F
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4b8e97a8b695465cbf807ce2f0470a6867ae33b89c7fbdd192ee52600a3b9bcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:50 GMT
via: 1.1 782e548cb0b1b64c63d995fc59568b48.cloudfront.net (CloudFront)
content-encoding: gzip
server: nginx
x-amz-cf-pop: IAD89-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: eQNeotok_bfUjS41SEwsoCfo-1GcYSSRa0oPw-hBWCwKlAwDeiguqA==
expires: Mon, 07 Nov 2022 15:08:49 GMT

GET
H2 200 e4e4515980f369e0500408adfa565653.js Show response
ensighten.huntingtonbank.com/huntington/com/code/ 141 KB
34 KB 64ms
64ms Script
application/javascript 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:50 GMT
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
content-encoding: br
via: 1.1 2b0c54ffe9876882253b010d44184bdc.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 403620
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 01:03:34 GMT
server: nginx
etag: W/"5828bc2a2ceaa2961527eedaf4167b77"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: AFyWaLsKx_OuuedI4M8sLYtY6YX9zL7-jm3qppm8bNkgXp8oyVSzyw==

POST RqUUkB
www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/ 0
0

GET
H2 200 inqChatLaunch10006663.js Show response
huntingtonbank.inq.com/chatskins/launch/ 5 KB
2 KB 329ms
0ms Script
application/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

2af90a2fb7602896b48bbe42d74c949277746ac18b81787344326cec0fcb5507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
last-modified: Thu, 27 Oct 2022 05:32:28 GMT
etag: "6/Nh5/mV9O/"
content-encoding: gzip
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 1971
x-xss-protection: 1; mode=block

GET
H2 200 oo_engine.min.js Show response
www.huntington.com/Presentation/Scripts/ 45 KB
15 KB 49ms
48ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:51 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-548528740"
content-length: 14478
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
etag: "01efff054ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1891923
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:40:54 GMT

GET
H/1.1 200
OK script.min.js Show response
cdn.clinch.co/a_js/client_pixels/clq/ 14 KB
5 KB 305ms
54ms Script
application/javascript 2600:141b:13::1724:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13::1724:158 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 15:08:51 GMT
Content-Encoding: gzip
x-amz-request-id: C09W5X02MERXXZTT
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 4567
x-amz-id-2: h7loc8hONBXkDheAl2MjKP3gHial57T7u7EeAoEBYmXjQSMyDQzZF1ry4sui1RuhNvl/L37k4Uc=
Last-Modified: Tue, 11 Jan 2022 12:52:46 GMT
Server: AmazonS3
ETag: "666e09028e21421106f9ecd0ceb1ddac"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Cache-Control: max-age=30734129
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Sun, 29 Oct 2023 08:24:20 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 207ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 07 Nov 2022 15:08:50 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 874E349D9F99491C842884B0DB3CCA4D Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:51Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 217ms
46ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:52 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: VFEHS9B2YKDRPHAB
age: 0
x-amz-server-side-encryption: AES256
x-amz-id-2: 5sJBBSlRLfTYKY73vPuGO6NH/JPXqOfr4Q8awOoLoUoHUrawqx0m5ceY+E7EueYcWB4eHnXho0c=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 216ms
59ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10701487

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35f3a005118be3dc186413c33554d800ac8f8d6e8ba227dc28d081e13f6db5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44027
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:51 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ 0
237 B 162ms
50ms Image
text/plain 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=-1&fn=&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:51 GMT
via: 1.1 13f20f497c3eb55c7da0e314b603aaba.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: IAD89-P2
age: 25115
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: dy4YQxnexmz6vdEzI1k5AYE94NjcywUDBiMShuyLOx7BGC9KzI6AbQ==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 997 B
639 B 1663ms
113ms Script
application/x-javascript 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d2667aa38599ee0de5244f5ea6aa603484f9cbaf6fea5bfe67d9d15cc7daa731

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:53 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 19:12:50 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=49446
accept-ranges: bytes
content-length: 471

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 1563ms
42ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 15:08:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7/lleoRI7BGSATlOh5axmA/LS7KoQXtFr4uWIkQhSlnLlqOas5fJy5/z0sNhZQmDKA8l+WEbjRqONXKre+glvg==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST RqUUkB
www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/ 0
0

GET
H2

200

s96648082445892
smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/
Redirect Chain

https://smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s96648082445892?AQB=1&ndh=1&pf=1&t=7%2F10%2F2022%2015%3A8%3A52%201%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20log...
https://smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s96648082445892?AQB=1&pccr=true&vidn=31B48FC2DED7CFF9-600012954BA0EEDD&ndh=1&pf=1&t=7%2F10%2F2022%2015%3A8%3A52%201%200&ce=U...

43 B
251 B

89ms
0ms

Image
image/gif

63.140.38.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s96648082445892?AQB=1&pccr=true&vidn=31B48FC2DED7CFF9-600012954BA0EEDD&ndh=1&pf=1&t=7%2F10%2F2022%2015%3A8%3A52%201%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=https%3A%2F%2Fappmainsupport.pages.dev%2F&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=appmainsupport.pages.dev%2F&v19=12%3A50%20PM%7CSunday&c28=12%3A50%20PM%7CSunday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Server

63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-128.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 15:08:53 GMT
server: jag
etag: 3581645670242975744-4619847564629553701
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06 Nov 2022 15:08:53 GMT

Redirect headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 15:08:53 GMT
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
location: https://smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s96648082445892?AQB=1&pccr=true&vidn=31B48FC2DED7CFF9-600012954BA0EEDD&ndh=1&pf=1&t=7%2F10%2F2022%2015%3A8%3A52%201%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=https%3A%2F%2Fappmainsupport.pages.dev%2F&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=appmainsupport.pages.dev%2F&v19=12%3A50%20PM%7CSunday&c28=12%3A50%20PM%7CSunday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&bw=1600&bh=1200&AQE=1
content-type: text/plain;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 06 Nov 2022 15:08:53 GMT

POST RqUUkB
www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/ 0
0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 537ms
53ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 02:38:43 GMT
Via: 1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 45011
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: 3Xy3zy65fxMUw_0pL6Tz_kAOM7vpQTt8yJcEyz9lgYYH3dgkT2eTdg==

GET
H2 200 oo_icon_retina_black.gif
www.huntington.com/Presentation/onlineopinionV5/ 217 B
403 B 57ms
56ms Image
image/png 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-132.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:52 GMT
last-modified: Tue, 25 Oct 2022 11:38:34 GMT
server: Akamai Image Manager
etag: "0f59ebaf2e3d81:0"
content-type: image/png
cache-control: private, no-transform, max-age=557681
content-length: 217
expires: Mon, 14 Nov 2022 02:03:33 GMT

GET
H2 200 chatLoader.min.js Show response
media-us1.digital.nuance.com/media/launch/ 22 KB
7 KB 402ms
45ms Script
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1666848733561

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a35a411e422f1c8cb3b414b0ec2bcd3d882652c122d55434b353f9c066eb9f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:52 GMT
samesite: Strict
x-cache: TCP_HIT
content-length: 6692
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Oct 2022 23:57:12 GMT
server: TouchCommerce Server
etag: "73qHKCC7fIG"
vary: Accept-Encoding
x-azure-ref: 0hR9pYwAAAABRJmMYWoQoQ55d7Q7/Fn4DRE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 204 5067672.js Show response
bat.bing.com/p/action/ 0
117 B 37ms
35ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5067672.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 07 Nov 2022 15:08:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C136B1F22B524413BFAE677147BC8A57 Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:52Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=522e2a8f-2747-4d89-9825-6534dc8029a7&sid=1767c9605eae11ed91f7874c9f301f8c&vid=176907c05eae11edb4a115d2a7236b5b&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&kw=Huntington%20bank%20mobile%20login,%20Huntington%20mobile,%20Huntington%20bank%20mobile%20&p=https%3A%2F%2Fappmainsupport.pages.dev%2F&r=&lt=1865&evt=pageLoad&sv=1&rn=407428

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 15:08:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2DB8D16E2DE42B48A8B0642DB6F3E18 Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
120 B 51ms
50ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=522e2a8f-2747-4d89-9825-6534dc8029a7&sid=1767c9605eae11ed91f7874c9f301f8c&vid=176907c05eae11edb4a115d2a7236b5b&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1600&sh=1200&sc=24&evt=custom&rn=327621

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 15:08:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A3D9F5D862343CAA5EC14B1FABEF6FC Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:52Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10030245.json Show response
s.yimg.com/wi/config/ 2 B
494 B 133ms
51ms XHR
application/json 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10030245.json

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: QJYBY41YM1PCNJTY
age: 1
content-length: 22
x-amz-id-2: SCWjnOVSSbadcfnfJeMP5Scfp4bz8QHf4Msr2sFH0AVB8e8C/87V0eh+m0xzC+8ViFh0i4HArLZxK5qUHU14GA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H3

200

activityi;dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fap... Show response
10701487.fls.doubleclick.net/ Frame B947
Redirect Chain

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2...
https://10701487.fls.doubleclick.net/activityi;dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobil...

527 B
314 B

285ms
106ms

Document
text/html

142.250.80.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10701487.fls.doubleclick.net/activityi;dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.6 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f6.1e100.net

Software

cafe /

Resource Hash

d5d27c4095e58e2f713ddc20be64ccb97da69874ecab16221592e5c5dd74625e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 289
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10701487.fls.doubleclick.net/activityi;dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 82ms
80ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32cc56460e73e1abf04d1bc08d0d9fec82fe2cfa664efb15a7f6d82fa48af5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:53 GMT

GET
H3

200

activityi;dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsu... Show response
10701487.fls.doubleclick.net/ Frame C8E5
Redirect Chain

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmai...
https://10701487.fls.doubleclick.net/activityi;dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20log...

520 B
311 B

282ms
111ms

Document
text/html

142.250.80.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10701487.fls.doubleclick.net/activityi;dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.6 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f6.1e100.net

Software

cafe /

Resource Hash

b5f894546bd24e7a58cf92ed4b1a1bead69e5cfbfd936e09e134da5a7a239f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 286
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10701487.fls.doubleclick.net/activityi;dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 93ms
58ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bdd042cd41f5d7ab0ea57c8e7aebb080265e57710b7f792a5b7b0f92b9fd00f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 134 KB
52 KB 124ms
89ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ed639f9069b79237cab301cfe7938014190aa96da693c007ab5bc7c2842da59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52780
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 168ms
133ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb99402ca35e0d16b83e13524bd804de7d7c36d569268a442c0b6d20a04b0d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 89ms
56ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b9d13167ea1e2bf59446e52e6d340b0332ee2a1174e872441c751dfe248b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66718
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:53 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 219ms
49ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2007%20Nov%202022%2015%3A08%3A53%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Fappmainsupport.pages.dev%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 15:08:53 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 221ms
51ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 15:08:53 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 110ms
110ms Script
application/x-javascript 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:53 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 21:02:26 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=68771
accept-ranges: bytes
content-length: 3063

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/ 1 KB
2 KB 313ms
60ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1667833733501&cv=11&fst=1667833733501&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

136923d362c4370bdbeebfffc7d78c023a70fddb76a320624f149260c0deb508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 883
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 nuanceChat.html Show response
appmainsupport.pages.dev/nuance/ Frame EB21 165 KB
27 KB 264ms
99ms Document
text/html 2606:4700:310c::ac42:2fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1666848733561

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2fb5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

607d5d5769fcfaddfd2c76689c405261347e854810ba2bf9a0d202db05a4da28

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 7666fca5adc2f232-ORD
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 15:08:54 GMT
etag: W/"c99511ae04a337f74c5d4e87e08b20be"
link: <https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1>; rel="preload"; as=style
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZccXvzmJNTVUC71Mk7wTYnrzQqfMptBviYjgKD3ialmwCZR8E8kqrgWECqfS1CtHP1GAykzaNPp8ITiWnmoqHyxEQ3mwXtzejcMSpGg0F3f%2FLdm9uh373kYMM6fl%2Bu7GNJQzi7epajR1xBBsZ74Tw3%2FWsAn73s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/ 1 KB
911 B 187ms
101ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1667833733923&cv=11&fst=1667833733923&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27aa024011cab6b37cceff87309f6fc044f33c62622aa127d1c502da25749a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/ 2 KB
939 B 105ms
104ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1667833734125&cv=11&fst=1667833734125&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dpage_view%3Bpagenameevent%3Dpub%3A%20mobile%20login%3Badobeidappid%3D%7C&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3120067bacfe678b4b6f965fe2c1fa762566a93036872738ddfe1bb8bb0d8f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 915
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 5140493269326436 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 95ms
47ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50d18b6a58dd31522e5da72cd81d210efcc4c01d2651639c27f95f29da5f664b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 15:08:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86244
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ue20nhU0kxFNwmHQkNvyQJ86RDOyxoVOwlbMiUiLZ+JRBAz8Y51h03TjKvgX16YvNlLr5aTsK5RmuKpHPMLo0A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/ 1 KB
908 B 81ms
80ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1667833734247&cv=11&fst=1667833734247&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b568bf9c0066ce6ab2e98020106688e549c5d2e1c57d0638d97496b0fa45808f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 884
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/ 1 KB
906 B 85ms
84ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1667833734511&cv=11&fst=1667833734511&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c14d1a9fc98c876d4ee6b8877593d869508764ca70042f53e1c9dee4d22cd37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 882
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 site-survey.min.css
www.huntington.com/Presentation/Styles/ Frame EB21 4 KB
2 KB 51ms
50ms Stylesheet
text/css 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:54 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="1375679757"
content-length: 1249
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
etag: "01efff054ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1985248
accept-ranges: bytes
expires: Wed, 30 Nov 2022 14:36:22 GMT

GET
H2 200 ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js Show response
www.huntington.com/ Frame EB21 221 KB
95 KB 55ms
55ms Script
text/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

82c756747cfacd6402573e4ca875ef768a68c5f5f3c0050f2f0e62d5ca7e87b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:54 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 96220
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
server: Microsoft-IIS/10.0
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=2591937
expires: Wed, 07 Dec 2022 15:07:51 GMT

GET
H2 200 HuntingtonApexWeb-Medium.woff2
www.huntington.com/Presentation/fonts/ Frame EB21 20 KB
20 KB 61ms
60ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:54 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1966533559", dtTao;desc="1"
content-length: 19976
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858278
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:12 GMT

GET
H2 200 HuntingtonApexWeb-Bold.woff2
www.huntington.com/Presentation/fonts/ Frame EB21 19 KB
20 KB 96ms
95ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:54 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="510590554", dtTao;desc="1"
content-length: 19712
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:37 GMT
etag: "0f1cdef54ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1379429
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Nov 2022 14:19:23 GMT

GET
H2 200 HuntingtonApexWeb-MediumCaps.woff2
www.huntington.com/Presentation/fonts/ Frame EB21 18 KB
19 KB 200ms
200ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:54 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1692350004", dtTao;desc="1"
content-length: 18636
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858279
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:13 GMT

GET
H2 200 muli-v11-latin-700.woff2
www.huntington.com/Presentation/fonts/ Frame EB21 17 KB
17 KB 201ms
200ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/muli-v11-latin-700.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:54 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-664460755", dtTao;desc="1"
content-length: 17128
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858279
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:13 GMT

GET
H2 200 muli-v11-latin-300.woff2
www.huntington.com/Presentation/fonts/ Frame EB21 16 KB
17 KB 207ms
206ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/muli-v11-latin-300.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:54 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="666460901", dtTao;desc="1"
content-length: 16872
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jul 2022 18:23:13 GMT
etag: "055e39b9c9bd81:0:dtagent102372203280754004oXK"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858222
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:19:16 GMT

GET
H2 200 muli-v11-latin-600.woff2
www.huntington.com/Presentation/fonts/ Frame EB21 17 KB
17 KB 206ms
205ms Font
application/font-woff2 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/fonts/muli-v11-latin-600.woff2

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Origin: https://appmainsupport.pages.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:54 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-626641094", dtTao;desc="1"
content-length: 17080
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
x-frame-options: sameorigin
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=1858279
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 03:20:13 GMT

GET
H2 200 toolkit.min.css
www.huntington.com/Presentation/Styles/ Frame EB21 388 KB
76 KB 103ms
103ms Stylesheet
text/css 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Styles/toolkit.min.css?v=EBoUWx4LcGcf9Ufq5ISQKILsheH6ePHAToYU28suVeQ1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a32dc750905bcf773957dd62d410bfd8b049cf9317317fd9e8524a9c014365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:54 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="2060064781"
content-length: 77595
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Oct 2022 19:41:06 GMT
etag: "0f59ebaf2e3d81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1418775
accept-ranges: bytes
expires: Thu, 24 Nov 2022 01:15:09 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
www.huntington.com/Presentation/Scripts/ Frame EB21 87 KB
36 KB 89ms
88ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/jquery-3.5.1.min.js

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:54 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-596514542"
content-length: 36067
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
etag: "01efff054ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1858278
accept-ranges: bytes
expires: Tue, 29 Nov 2022 03:20:12 GMT

GET
H2 200 toolkit.min.js Show response
www.huntington.com/Presentation/Scripts/ Frame EB21 503 KB
167 KB 159ms
65ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/toolkit.min.js?v=giXd8gSPyZdR2ExruPkmDHreimkiS2nO7QTJVDxt27s1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

54ab4266171afb1f12c5271d078e18b8ce0b43336445b4315069ea37465e8fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:55 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="467758740"
content-length: 170444
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 19 Oct 2022 19:41:06 GMT
etag: "0f59ebaf2e3d81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
accept-ranges: bytes
expires: Mon, 07 Nov 2022 15:08:55 GMT

GET
H/1.1 200
OK access.js Show response
cdn.levelaccess.net/accessjs/YW1wX2h1bnRpbmd0b24xMTAw/ Frame EB21 461 KB
62 KB 62ms
51ms Script
application/javascript 2600:9000:210b:b000:1:fb61:2b80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.levelaccess.net/accessjs/YW1wX2h1bnRpbmd0b24xMTAw/access.js
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:210b:b000:1:fb61:2b80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d596154976c6ed50f604245cc6ded9f208d27e4f780fb7c5e937dad700ee1b9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: mYLHPInXvKzp8AwW2k_umeVHlhAunVbI
Content-Encoding: gzip
Via: 1.1 1390ccfba3b832e28ba659d704aa57ba.cloudfront.net (CloudFront)
Date: Mon, 07 Nov 2022 14:57:05 GMT
X-Amz-Cf-Pop: EWR53-C3
Age: 711
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 62484
Last-Modified: Thu, 18 Aug 2022 11:17:24 GMT
Server: AmazonS3
ETag: "10c21619ee80ae45b981718b4000be33"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Accept-Ranges: bytes
X-Amz-Cf-Id: cqnjNdycLV_OuhV1PJqJUxLyH9Qu6OlIYlVPo59tR8BfMF1DwN2Vxg==

GET
H2 200 Bootstrap.js Show response
ensighten.huntingtonbank.com/huntington/com/ Frame EB21 227 KB
68 KB 112ms
112ms Script
application/javascript 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ed714045f032d532a1b487d27bb65e3211ffaf762eab060c036eeeaddc239575

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:54 GMT
x-amz-version-id: V.cNEnwifs62cdv5ByWLsKcCB2aap3KG
content-encoding: br
via: 1.1 6aa8d2883437a2897f326bfc58beed3c.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 403628
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 01:03:34 GMT
server: nginx
etag: W/"a8be19592d40f71ad76b452dbe4ead56"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: E4Xw5r6m7pMecnRbIbOfFqgIzIoewlxq_vGiIBCXye6oBA1k1y0mIA==

GET
H2 200 lockup.svg
www.huntington.com/-/media/hcom/global/logo/ Frame EB21 4 KB
2 KB 67ms
40ms Image
image/svg+xml 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

38c973e72b29d0c5f054034abecb6f92d1f30fac5aeeb5d0300de1cce156ade3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:55 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-disposition: inline; filename="lockup.svg"
server-timing: dtRpid;desc="1058447365"
content-length: 1578
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jul 2020 14:26:49 GMT
etag: 25ac81b1cb8b4557ac63e0186de9a92b
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2044585
accept-ranges: bytes
expires: Thu, 01 Dec 2022 07:05:20 GMT

GET
H2 200 chat-fab.js Show response
www.huntington.com/Presentation/Scripts/ Frame EB21 19 KB
7 KB 76ms
50ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:55 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="577783886"
content-length: 7010
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:38 GMT
etag: "0f1cdef54ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=335747
accept-ranges: bytes
expires: Fri, 11 Nov 2022 12:24:42 GMT

GET
H2 200 EHL_Black_HouseOnly.svg
www.huntington.com/-/media/hcom/Icons/ Frame EB21 764 B
1 KB 79ms
60ms Image
image/svg+xml 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
date: Mon, 07 Nov 2022 15:08:55 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-disposition: inline; filename="EHL_Black_HouseOnly.svg"
server-timing: dtSInfo;desc="0", dtRpid;desc="2136463186"
content-length: 764
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Mar 2022 19:24:24 GMT
etag: 57637a2d5858427aba58213dfd85741c
x-frame-options: sameorigin
content-type: image/svg+xml
cache-control: public, max-age=2591401
accept-ranges: bytes
expires: Wed, 07 Dec 2022 14:58:56 GMT

GET
H2 200 logo-honeycomb.svg
www.huntington.com/-/media/hcom/global/logo/ Frame EB21 862 B
943 B 92ms
74ms Image
image/svg+xml 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

fab5a7680cedf011da8f0363b4a4d58a7adbdaae881af4034ae00f0f7231e792

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:55 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-disposition: inline; filename="logo-honeycomb.svg"
server-timing: dtRpid;desc="938876142"
content-length: 449
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 11 Dec 2017 15:39:44 GMT
etag: 2d91d2b82c4a40438297b714b6e7ceb5
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2065787
accept-ranges: bytes
expires: Thu, 01 Dec 2022 12:58:42 GMT

GET
H2 200 site-survey.min.js Show response
www.huntington.com/Presentation/Scripts/ Frame EB21 7 KB
3 KB 89ms
70ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:55 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-1061898552"
content-length: 3053
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Sep 2022 18:59:22 GMT
etag: "0e13fefa2c7d81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=508151
accept-ranges: bytes
expires: Sun, 13 Nov 2022 12:18:06 GMT

GET
H2 200 RqUUkB Show response
www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/ Frame EB21 191 KB
76 KB 48ms
48ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-132.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a9e034c83417931e346679b955b6784343d14be49c84d4a2d3c4e81f164bea4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:55 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 17:56:27 GMT
etag: "24db78a5666c71c76d6aa17ff83216b2e26cb893b863c3de0795fd3637ef3f2b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
content-length: 77079
expires: Wed, 07 Dec 2022 15:08:32 GMT

GET
H2 200 dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.page... Show response
adservice.google.com/ddm/fls/i/ Frame BAA6 194 B
533 B 337ms
110ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F

Requested by

Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CPjm3emsnPsCFVfRYgodDOUACw;src=10701487;type=global;cat=allpv;ord=9664694170347;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:55 GMT
expires: Mon, 07 Nov 2022 15:08:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsuppo... Show response
adservice.google.com/ddm/fls/i/ Frame EE59 194 B
150 B 304ms
119ms Document
text/html 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F

Requested by

Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CPvl3emsnPsCFQdYYgodIHwE9A;src=10701487;type=global;cat=uvisit;ord=1;num=4270138920792;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:55 GMT
expires: Mon, 07 Nov 2022 15:08:55 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
p.adsymptotic.com/d/px/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1667833734853%26url%3Dhttps%253A%252F%252Fappmainsupport.pages.de...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833734853&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&cookiesTest=true&liSync=true&e_ipv6=AQJQzcuneas4GwAAAYRSoymxft2M0pOqWJts_...
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db&_expected_cookie=428df7eb67572c1823a46f41...

43 B
141 B

79ms
78ms

Image
image/gif

104.18.98.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db&_expected_cookie=428df7eb67572c1823a46f41b076ea28
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/
Protocol: H2
Server: 104.18.98.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Mon, 07 Nov 2022 15:08:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7666fcb75ea42956-ORD
content-length: 43
content-type: image/gif

Redirect headers

location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db&_expected_cookie=428df7eb67572c1823a46f41b076ea28
date: Mon, 07 Nov 2022 15:08:56 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7666fcb3f8d52956-ORD
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/849073348/ 42 B
548 B 199ms
65ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849073348/?random=1667833733923&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4248435289&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/786635084/ 42 B
108 B 420ms
113ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786635084/?random=1667833733501&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1116973672&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/849063932/ 42 B
108 B 367ms
60ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849063932/?random=1667833734511&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=220199529&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/849064376/ 42 B
108 B 476ms
66ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849064376/?random=1667833734125&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dpage_view%3Bpagenameevent%3Dpub%3A%20mobile%20login%3Badobeidappid%3D%7C&fmt=3&is_vtc=1&random=3639062538&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/391028924/ 42 B
108 B 478ms
68ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391028924/?random=1667833734247&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2105740254&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 374ms
79ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Fappmainsupport.pages.dev%2F&rl=&if=false&ts=1667833735265&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1667833735232.1034199522&it=1667833734193&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=435136f7-ee5e-4bf1-abda-b5157407a633&rqm=GET

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 15:08:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 serverComponent.php Show response
ensighten.huntingtonbank.com/huntington/com/ Frame EB21 320 B
554 B 78ms
77ms Script
text/javascript 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/com/serverComponent.php?namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Tue%20Oct%2025%2001:03:31%20GMT%202022&ClientID=1035&PageID=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5d842eda802159adb87b2ee343e8c3aeb25e4cc55bd2a4bff70e756b029034c2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:55 GMT
via: 1.1 cfb94084ba0615910dd15548de7c4c5e.cloudfront.net (CloudFront)
content-encoding: gzip
server: nginx
x-amz-cf-pop: IAD89-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
x-amz-cf-id: 5J4jDpw-VdlHyBV7zmTsmMAWCRYY2-YCjIx8Qc-qd3qk8ysb8f3hpg==
expires: Mon, 07 Nov 2022 15:08:54 GMT

GET
H2

200

trk Show response
trk.clinch.co/ Frame A367
Redirect Chain

https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2F&version=3.4&a=1667833736049
https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2F&version=3.4&a=1667833736049&try2=true

79 B
254 B

47ms
47ms

Document
text/html

54.209.93.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2F&version=3.4&a=1667833736049&try2=true
Requested by: Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.93.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-93-43.compute-1.amazonaws.com
Software: clinch /
Resource Hash: 3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store
content-length: 79
content-type: text/html
date: Mon, 07 Nov 2022 15:08:56 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: clinch
x-robots-tag: none

Redirect headers

content-length: 0
date: Mon, 07 Nov 2022 15:08:56 GMT
location: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2F&version=3.4&a=1667833736049&try2=true
server: clinch

POST RqUUkB
www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/ Frame EB21 0
0

GET
H2 200 inqChatLaunch10006663.js Show response
huntingtonbank.inq.com/chatskins/launch/ Frame EB21 5 KB
2 KB 54ms
53ms Script
application/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

2af90a2fb7602896b48bbe42d74c949277746ac18b81787344326cec0fcb5507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:56 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
last-modified: Thu, 27 Oct 2022 05:32:28 GMT
etag: "6/Nh5/mV9O/"
content-encoding: gzip
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 1971
x-xss-protection: 1; mode=block

GET
H2 200 oo_engine.min.js Show response
www.huntington.com/Presentation/Scripts/ Frame EB21 45 KB
15 KB 51ms
50ms Script
application/javascript 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-248-132.deploy.static.akamaitechnologies.com

Software

Resource Hash

1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:56 GMT
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="-548528740"
content-length: 14478
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
etag: "01efff054ccd81:0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1891918
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:40:54 GMT

GET
H2 200 e4e4515980f369e0500408adfa565653.js Show response
ensighten.huntingtonbank.com/huntington/com/code/ Frame EB21 141 KB
34 KB 54ms
53ms Script
application/javascript 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:56 GMT
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
content-encoding: br
via: 1.1 573f3bf892e6baf323888f7038237db2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-P2
age: 403626
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 01:03:34 GMT
server: nginx
etag: W/"5828bc2a2ceaa2961527eedaf4167b77"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: WOUD7VmGiG4LrcQzqRlnswjRKR7APo5WlAQejKCrggjv1uJG-qo7aQ==

POST RqUUkB
www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/ Frame EB21 0
0

GET
H2 200 chatLoader.min.js Show response
media-us1.digital.nuance.com/media/launch/ Frame EB21 22 KB
7 KB 40ms
39ms Script
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1666848733561

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a35a411e422f1c8cb3b414b0ec2bcd3d882652c122d55434b353f9c066eb9f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:57 GMT
samesite: Strict
x-cache: TCP_HIT
content-length: 6692
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Oct 2022 23:57:12 GMT
server: TouchCommerce Server
etag: "73qHKCC7fIG"
vary: Accept-Encoding
x-azure-ref: 0ih9pYwAAAACzMkOI+8RWSaraF7i4eixXRE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 200 oo_icon_retina_black.gif
www.huntington.com/Presentation/onlineopinionV5/ Frame EB21 217 B
403 B 50ms
49ms Image
image/png 23.49.248.132
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
Requested by: Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.248.132 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-248-132.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:58 GMT
last-modified: Tue, 25 Oct 2022 11:38:34 GMT
server: Akamai Image Manager
etag: "0f59ebaf2e3d81:0"
content-type: image/png
cache-control: private, no-transform, max-age=557675
content-length: 217
expires: Mon, 14 Nov 2022 02:03:33 GMT

GET
H/1.1 200
OK script.min.js Show response
cdn.clinch.co/a_js/client_pixels/clq/ Frame EB21 14 KB
5 KB 61ms
60ms Script
application/javascript 2600:141b:13::1724:158
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:13::1724:158 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 15:08:58 GMT
Content-Encoding: gzip
x-amz-request-id: C09W5X02MERXXZTT
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 4567
x-amz-id-2: h7loc8hONBXkDheAl2MjKP3gHial57T7u7EeAoEBYmXjQSMyDQzZF1ry4sui1RuhNvl/L37k4Uc=
Last-Modified: Tue, 11 Jan 2022 12:52:46 GMT
Server: AmazonS3
ETag: "666e09028e21421106f9ecd0ceb1ddac"
Vary: Accept-Encoding
Access-Control-Max-Age: 86400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Cache-Control: max-age=30734122
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Expires: Sun, 29 Oct 2023 08:24:20 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ Frame EB21 38 KB
11 KB 29ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 07 Nov 2022 15:08:57 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76D5FE40E48243D8B77B1EB3FD746EA7 Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:58Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame EB21 16 KB
6 KB 52ms
52ms Script
application/javascript 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:57 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: ZT75BHW4RMWT0RKS
age: 2
x-amz-server-side-encryption: AES256
x-amz-id-2: EhClUGp/+KE9qSDgE7rdHVncCiTuc3VPwneKM07MVPvcjk2+W9aw61FXU9IVTPN8jl3Sa1C7E7s=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EB21 110 KB
43 KB 62ms
61ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10701487

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f3fd0065d9513a058c6a09e98e1508e265cd0c919bee341dc2649dec03dbb9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44044
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:58 GMT

GET
H2 204 e.gif
ensighten.huntingtonbank.com/error/ Frame EB21 0
235 B 54ms
53ms Image
text/plain 3.234.31.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=-1&fn=&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.234.31.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-31-129.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:58 GMT
via: 1.1 db50275fc6a3d1f557e22016322e2ba2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: IAD12-P2
age: 25122
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: DE_AgTf7nsb5v6O3iGdpovQY4UZjfqpP1UpNMIJ3MVGPF7H88BhBMA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame EB21 997 B
639 B 94ms
94ms Script
application/x-javascript 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d2667aa38599ee0de5244f5ea6aa603484f9cbaf6fea5bfe67d9d15cc7daa731

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:58 GMT
content-encoding: gzip
last-modified: Tue, 01 Nov 2022 19:12:50 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=49441
accept-ranges: bytes
content-length: 471

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame EB21 103 KB
27 KB 46ms
45ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 15:08:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27337
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7/lleoRI7BGSATlOh5axmA/LS7KoQXtFr4uWIkQhSlnLlqOas5fJy5/z0sNhZQmDKA8l+WEbjRqONXKre+glvg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 s95532556371205
smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/ Frame EB21 43 B
189 B 60ms
53ms Image
image/gif 63.140.38.128
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s95532556371205?AQB=1&ndh=1&pf=1&t=7%2F10%2F2022%2015%3A8%3A58%201%200&mid=17106882433826507687044402830888202414&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=appmainsupport.pages.dev%2Fnuance%2FnuanceChat.html&v19=12%3A50%20PM%7CSunday&c28=12%3A50%20PM%7CSunday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1600x1200&c=24&j=1.6&v=N&k=N&mcorgid=A80C071A551AFEC90A4C98A6%40AdobeOrg&AQE=1

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-128.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 08 Nov 2022 15:08:58 GMT
server: jag
etag: 3581645680869474304-4619821004014452160
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 06 Nov 2022 15:08:58 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame EB21 4 KB
5 KB 56ms
50ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: ensighten.huntingtonbank.com
URL: https://ensighten.huntingtonbank.com/huntington/com/Bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 02:38:43 GMT
Via: 1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 45016
ETag: "98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: lVlv-WHLkUqdBUIfMD-hju1tMcI--wDdNx2sQcTgA-xym1Xv6dwQCw==

GET
H2 200 pr.min.js Show response
media-us1.digital.nuance.com/media/launch/ Frame EB21 75 KB
8 KB 42ms
41ms Script
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/pr.min.js?codeVersion=1666848733561

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

bcfe310f7991dacfd008c912f07c6f2dbdff6e402b8e4ea9be316f01ea043022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:58 GMT
samesite: Strict
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 05:32:05 GMT
server: TouchCommerce Server
etag: "B0YQRpN+Vgn"
vary: Accept-Encoding
x-azure-ref: 0ih9pYwAAAAAjYq16BjJ9Rbamzuv21Ho7RE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 204 5067672.js Show response
bat.bing.com/p/action/ Frame EB21 0
119 B 41ms
40ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5067672.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 07 Nov 2022 15:08:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E9A6FF40E7B472AA4AF9BFCBF539D09 Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:58Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame EB21 0
120 B 82ms
81ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=ae83ce37-40a1-4ac8-8a93-33a47f40c569&sid=1767c9605eae11ed91f7874c9f301f8c&vid=176907c05eae11edb4a115d2a7236b5b&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&kw=Huntington%20bank%20mobile%20login,%20Huntington%20mobile,%20Huntington%20bank%20mobile%20&p=https%3A%2F%2Fappmainsupport.pages.dev%2F&r=&lt=2997&evt=pageLoad&ifm=1&sv=1&rn=993418

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 15:08:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5320C9166FB4304AC0C3915973D13FB Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:58Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ Frame EB21 0
120 B 90ms
90ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5067672&Ver=2&mid=ae83ce37-40a1-4ac8-8a93-33a47f40c569&sid=1767c9605eae11ed91f7874c9f301f8c&vid=176907c05eae11edb4a115d2a7236b5b&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1600&sh=1200&sc=24&evt=custom&ifm=1&rn=453040

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 07 Nov 2022 15:08:58 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 963D83CDF230442DAF1261BBCA675482 Ref B: CHGEDGE1220 Ref C: 2022-11-07T15:08:58Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10030245.json Show response
s.yimg.com/wi/config/ Frame EB21 2 B
92 B 50ms
50ms XHR
application/json 2001:4998:14:800::1000
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10030245.json

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1000 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:52 GMT
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: QJYBY41YM1PCNJTY
age: 6
content-length: 2
x-amz-id-2: SCWjnOVSSbadcfnfJeMP5Scfp4bz8QHf4Msr2sFH0AVB8e8C/87V0eh+m0xzC+8ViFh0i4HArLZxK5qUHU14GA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H3

200

activityi;dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044... Show response
10701487.fls.doubleclick.net/ Frame 0988
Redirect Chain

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687...
https://10701487.fls.doubleclick.net/activityi;dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobil...

532 B
339 B

133ms
118ms

Document
text/html

142.250.80.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10701487.fls.doubleclick.net/activityi;dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.6 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f6.1e100.net

Software

cafe /

Resource Hash

7fa97adb3c9b06a78154e71405108ada9cd4e2e5be4d9001bd9a3a07847226de

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:59 GMT
expires: Mon, 07 Nov 2022 15:08:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10701487.fls.doubleclick.net/activityi;dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ Frame EB21 134 KB
52 KB 60ms
59ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d71a029abb31be787808e8075b940bc177b427f77f92d8fd985a7fb7aca713b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52878
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:58 GMT

GET
H3

200

activityi;dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=171068824338265076870444028308... Show response
10701487.fls.doubleclick.net/ Frame 2A3D
Redirect Chain

https://10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=171068824338265076870444028...
https://10701487.fls.doubleclick.net/activityi;dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20log...

525 B
334 B

124ms
109ms

Document
text/html

142.250.80.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10701487.fls.doubleclick.net/activityi;dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.80.6 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s33-in-f6.1e100.net

Software

cafe /

Resource Hash

56b3247bc4cff2d39f34c2f3b2cca73b3163ae9af367829fa96857b7b6c11735

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 311
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:59 GMT
expires: Mon, 07 Nov 2022 15:08:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:08:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10701487.fls.doubleclick.net/activityi;dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EB21 135 KB
52 KB 56ms
55ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a40f8ffe3edf5e926730ee57f52ac83ffe0504d0a7087a0d8e90eae43fc6bbb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52984
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EB21 134 KB
52 KB 65ms
65ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ed639f9069b79237cab301cfe7938014190aa96da693c007ab5bc7c2842da59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 52780
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EB21 178 KB
65 KB 65ms
64ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb99402ca35e0d16b83e13524bd804de7d7c36d569268a442c0b6d20a04b0d57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame EB21 178 KB
65 KB 62ms
61ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10701487

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

453ddf121bacec69d2de73a034f979556d36bcc8b770f73e692e005bfdf2a393

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66720
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 07 Nov 2022 15:08:59 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame EB21 43 B
292 B 59ms
36ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2007%20Nov%202022%2015%3A08%3A59%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&e=https%3A%2F%2Fappmainsupport.pages.dev%2F&enc=UTF-8&yv=1.13.0&isIframe=1&tagmgr=gtm%2Censighten

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 15:08:59 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ Frame EB21 43 B
78 B 60ms
38ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&e=https%3A%2F%2Fappmainsupport.pages.dev%2F&enc=UTF-8&yv=1.13.0&isIframe=1&et=custom&ec=Visit&ea=Public&el=pub%3A%20mobile%20login&tagmgr=gtm%2Censighten

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Mon, 07 Nov 2022 15:08:59 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ Frame EB21 8 KB
3 KB 101ms
96ms Script
application/x-javascript 2600:1400:d::6878:d2ab
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d::6878:d2ab New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 21:02:26 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=68765
accept-ranges: bytes
content-length: 3063

GET
H2 200 site_10006663_default.js Show response
media-us1.digital.nuance.com/media/launch/ Frame EB21 59 KB
11 KB 43ms
39ms Script
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/site_10006663_default.js?codeVersion=1666848733561

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

45f800946f39a04f99ff9243c883253f6c92879fdec5dc56fccfa190329c6c1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:58 GMT
samesite: Strict
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Oct 2022 05:32:28 GMT
server: TouchCommerce Server
etag: "AlA4f1A9NqY"
vary: Accept-Encoding
x-azure-ref: 0ix9pYwAAAADxlMt7tQn6TopNrvLyo9DPRE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H3 200 5140493269326436 Show response
connect.facebook.net/signals/config/ Frame EB21 293 KB
84 KB 45ms
44ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50d18b6a58dd31522e5da72cd81d210efcc4c01d2651639c27f95f29da5f664b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 07 Nov 2022 15:08:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86244
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ue20nhU0kxFNwmHQkNvyQJ86RDOyxoVOwlbMiUiLZ+JRBAz8Y51h03TjKvgX16YvNlLr5aTsK5RmuKpHPMLo0A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=*;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3...
adservice.google.com/ddm/fls/z/ Frame 0988 42 B
63 B 193ms
104ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=*;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0

Requested by

Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CJ6SvOysnPsCFXyDfwQdg_EK3g;src=10701487;type=global;cat=uvisit;ord=1;num=7015284006545;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://10701487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/ Frame EB21 2 KB
979 B 125ms
124ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849064376/?random=1667833739344&cv=11&fst=1667833739344&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&uaw=0&data=event%3Dpage_view%3Bpagenameevent%3Dpub%3A%20mobile%20login%3Badobeidappid%3D17106882433826507687044402830888202414%7C&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

591250e424ba875678f4c17786e8b7557d52cbc7089926a329811b1648f0be39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 955
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=*;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2F...
adservice.google.com/ddm/fls/z/ Frame 2A3D 42 B
63 B 102ms
102ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=*;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0

Requested by

Host: 10701487.fls.doubleclick.net
URL: https://10701487.fls.doubleclick.net/activityi;dc_pre=CLmbw-ysnPsCFYNPYgodRU4Jjw;src=10701487;type=global;cat=allpv;ord=3596442429950;gtm=2odb20;auiddc=945502567.1667833733;u1=pub%3A%20mobile%20login;u11=17106882433826507687044402830888202414;~oref=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0?

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://10701487.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/ Frame EB21 1 KB
917 B 105ms
104ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1667833739435&cv=11&fst=1667833739435&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f8b7110eabbbfdb0e8c1e6c9284d2e0c1b0a7aac26344995f82351b46544c6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 893
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/ Frame EB21 1 KB
916 B 72ms
71ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1667833739484&cv=11&fst=1667833739484&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d22fb8e2d47dfca3f37cbe5621fa6f8a4daaf5755cbdaa93b67fcabb79bd414a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 892
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/ Frame EB21 1 KB
915 B 95ms
90ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1667833739558&cv=11&fst=1667833739558&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e912a5946a0195e59af23e8486018e7a00ae6929ec1daeb48bc631943b23d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/ Frame EB21 1 KB
915 B 130ms
129ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1667833739615&cv=11&fst=1667833739615&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=945502567.1667833733&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

363583d824893f8bf40d19915d6537339827ca7e247fdddffdba78b4333e4df1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 891
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tcFramework.min.js Show response
media-us1.digital.nuance.com/media/launch/ Frame EB21 513 KB
132 KB 40ms
40ms Script
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1666848733561

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

1ad12553821258dce45569d81a2073cffdfd5b3c08bd5f539a88c399bd41e170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:59 GMT
samesite: Strict
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Oct 2022 23:57:12 GMT
server: TouchCommerce Server
etag: "Gd+MivyEZQ2"
vary: Accept-Encoding
x-azure-ref: 0ix9pYwAAAABfLnzA3rfhRJWMMX8EiFHXRE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2

200

/
p.adsymptotic.com/d/px/ Frame EB21
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833739742&url=https%3A%2F%2Fappmainsupport.pages.dev%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1667833739742&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&e_ipv6=AQI6Ufx7HehFzwAAAYRSozoDVYIdoxhpc3WSehLdyhLwHZ8N_jdmro495hvJYlYR-bw
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db

43 B
119 B

66ms
64ms

Image
image/gif

104.18.98.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db
Requested by: Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Protocol: H2
Server: 104.18.98.194 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='NON DSP COR CONi OUR BUS CNT'
date: Mon, 07 Nov 2022 15:09:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7666fccbaa7c2956-ORD
content-length: 43
content-type: image/gif

Redirect headers

date: Mon, 07 Nov 2022 15:08:59 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6E5168DE1E49448596A670ED92CDE36E Ref B: CHGEDGE0908 Ref C: 2022-11-07T15:08:59Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f8e7fe52-b325-4f8d-aaae-7b1b46b160db
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXs4s2cOLCMI7q4KN/Qxg==

GET
H3 200 /
www.google.com/pagead/1p-user-list/849064376/ Frame EB21 42 B
64 B 60ms
59ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849064376/?random=1667833739344&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dpage_view%3Bpagenameevent%3Dpub%3A%20mobile%20login%3Badobeidappid%3D17106882433826507687044402830888202414%7C&fmt=3&is_vtc=1&random=3652803467&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/786635084/ Frame EB21 42 B
64 B 59ms
59ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/786635084/?random=1667833739435&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3818767550&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/849063932/ Frame EB21 42 B
64 B 59ms
59ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849063932/?random=1667833739484&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2481561669&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/391028924/ Frame EB21 42 B
64 B 62ms
61ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/391028924/?random=1667833739558&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1904841568&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:08:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads-blocking-detector.min.js Show response
huntingtonbank.inq.com/tagserver/js/ Frame EB21 5 KB
2 KB 53ms
53ms Script
application/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.min.js

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

78a37757c165e672eda69f69d745ab86d78fd6d9b66b157cb9b032e479faab11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:08:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
last-modified: Wed, 26 Oct 2022 20:38:53 GMT
etag: "+0a12ojOupv"
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-encoding: gzip
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1645
x-xss-protection: 1; mode=block

GET
H2 200 postToServer.min.htm Show response
huntingtonbank.inq.com/tagserver/ Frame 8C23 21 KB
7 KB 56ms
54ms Document
text/html 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

d3066cbc8f798a3175376176e82e9ba339184e8c4c5f2d1f0734d25e7871b616

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=3600
content-encoding: gzip
content-length: 6470
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 15:09:00 GMT
etag: "AN7QOU24IDr"
last-modified: Wed, 26 Oct 2022 20:38:53 GMT
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
samesite: Strict
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/849073348/ Frame EB21 42 B
64 B 72ms
70ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/849073348/?random=1667833739615&cv=11&fst=1667833200000&bg=ffffff&guid=ON&async=1&gtm=2oab20&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fappmainsupport.pages.dev%2F&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3662529935&rmt_tld=0&ipr=y

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:09:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame EB21 0
18 B 88ms
42ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&rl=https%3A%2F%2Fappmainsupport.pages.dev%2F&if=true&ts=1667833740130&sw=1600&sh=1200&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1667833735232.1034199522&it=1667833739265&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=5a264f87-9ec1-470e-9817-a827a5cd888d&rqm=GET

Requested by

Host: appmainsupport.pages.dev
URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 07 Nov 2022 15:09:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 isTrustedDomain Show response
huntingtonbank.inq.com/tagserver/init/ Frame 8C23 0
283 B 82ms
81ms XHR
text/html 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/init/isTrustedDomain

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
content-type: text/html; charset=utf-8
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 0
x-xss-protection: 1; mode=block

POST
H3 405 rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
appmainsupport.pages.dev/ 0
452 B 61ms
60ms XHR
text/plain 2606:4700:310c::ac42:2fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2F&bp=3&app=0bd76d7cc9264013&crc=3848624491&en=m1fm4lts&end=1
Requested by: Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appmainsupport.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
referrer-policy: strict-origin-when-cross-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yhwly0ImzzSFl2wO0mB%2Fym8s54ALo9StGx85d9U6VLCOabNReLGnw2l0%2BSZCdOJLSLiDFyj654heW4YCH7MiBpeuV74TIxKyyXpnjUKPMi2Exk98NaYYGKHj1F4qgxvA8mAcPd3wT5%2BxAQbqdkZaHEJLDcNo5CA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7666fccc79b0f232-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame 57B4
Redirect Chain

https://insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=1710688243382...
https://match.adsrvr.org/track/upb/?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=1710688243382...

927 B
1 KB

62ms
45ms

Document
text/html

35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=17106882433826507687044402830888202414
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02f762c0bc9226a64e6ac20bcc2b7846b767538b2540603e4ddf5cb2e2e48119

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 15:09:00 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 15:09:00 GMT
location: https://match.adsrvr.org/track/upb/?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=17106882433826507687044402830888202414
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H2 200 initFramework Show response
huntingtonbank.inq.com/tagserver/init/ Frame 8C23 237 B
643 B 52ms
51ms XHR
application/json 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/init/initFramework

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

7448abedd630cd881962e8572fe16bed710e7817461b612b7a727befbc1bbf00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
content-type: application/json; charset=UTF-8
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 237
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 InqFramework.js
media-us1.digital.nuance.com/media/launch/ci/ 0
223 KB 47ms
47ms Other
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/ci/InqFramework.js?codeVersion=1666848733561

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:59 GMT
samesite: Strict
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Oct 2022 23:57:12 GMT
server: TouchCommerce Server
etag: "HnJ6KvVLrT2"
vary: Accept-Encoding
x-azure-ref: 0jB9pYwAAAAAK/AYZoB3QTaBep0h97/poRE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 200 pre-acif.js
huntingtonbank.inq.com/tagserver/acif/ 0
556 B 60ms
59ms Other
application/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/acif/pre-acif.js

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
last-modified: Wed, 26 Oct 2022 20:38:50 GMT
etag: "CZNYrMxQHjq"
vary: Accept-Encoding
content-type: application/javascript
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-encoding: gzip
cache-control: max-age=3600
accept-ranges: bytes
content-length: 139
x-xss-protection: 1; mode=block

GET
H2 200 acif.js
media-us1.digital.nuance.com/media/launch/acif/ 0
112 KB 86ms
85ms Other
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/launch/acif/acif.js

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:59 GMT
samesite: Strict
x-cache: TCP_HIT
x-xss-protection: 1; mode=block
last-modified: Thu, 20 Oct 2022 23:49:52 GMT
server: TouchCommerce Server
etag: "BJzEKzocf/M"
vary: Accept-Encoding
x-azure-ref: 0jB9pYwAAAAAgqkdCqBlERZl10mw9x9LARE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

GET
H2 200 acif-configs.js
media-us1.digital.nuance.com/media/sites/10006663/assets/automatons/ 0
3 KB 81ms
73ms Other
application/javascript 2620:1ec:40::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://media-us1.digital.nuance.com/media/sites/10006663/assets/automatons/acif-configs.js

Requested by

Host: media-us1.digital.nuance.com
URL: https://media-us1.digital.nuance.com/media/launch/tcFramework.min.js?codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:40::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://appmainsupport.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 07 Nov 2022 15:08:59 GMT
samesite: Strict
x-cache: TCP_HIT
content-length: 3226
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Aug 2022 20:10:56 GMT
server: TouchCommerce Server
etag: "6ETj5Q5q2P4"
vary: Accept-Encoding
x-azure-ref: 0jB9pYwAAAAATi6A0VVHnSr9PAIRXqlO2RE0yQUExMDkxMjA3MDM5AGNiNGQ0M2Q1LTM0MjctNDJlMy1hNjBmLWYzMGJhZWYyZmUzYw==
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes

POST
H2 200 onEvent Show response
huntingtonbank.inq.com/tagserver/incrementality/ Frame 8C23 0
395 B 67ms
66ms XHR
application/json 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/incrementality/onEvent

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
server: TouchCommerce Server
content-type: application/json; charset=UTF-8
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 logline Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 43 B
695 B 72ms
71ms XHR
image/gif 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logline

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: image/gif
access-control-allow-origin: https://huntingtonbank.inq.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 logdata Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 3 B
671 B 71ms
71ms XHR
text/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logdata

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a062dd4952b935e430d409c4a5e5cd760e8781e3200d5c7e12a232dddba8a528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 3
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://huntingtonbank.inq.com
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 logline Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 43 B
695 B 71ms
70ms XHR
image/gif 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logline

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: image/gif
access-control-allow-origin: https://huntingtonbank.inq.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 logline Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 43 B
695 B 74ms
70ms XHR
image/gif 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logline

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: image/gif
access-control-allow-origin: https://huntingtonbank.inq.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 logline Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 43 B
695 B 90ms
90ms XHR
image/gif 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logline

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: image/gif
access-control-allow-origin: https://huntingtonbank.inq.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 57B4 487 B
987 B 74ms
45ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833738694&td1=pub:%20mobile%20login&td6=17106882433826507687044402830888202414
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://match.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 09:39:01 GMT
Via: 1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 19800
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: lZ3tryahVmJigzoulKzuhD2n3DnDPxk2tDhjYqIyTMp3q-gCoMSDOA==

POST
H2 200 logdata Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 3 B
671 B 51ms
50ms XHR
text/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logdata

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a062dd4952b935e430d409c4a5e5cd760e8781e3200d5c7e12a232dddba8a528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 3
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://huntingtonbank.inq.com
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame D184
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=d1433a20-53a3-4b04-92a6-04d0aee674d8&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-iNoMUN1E2uJUL.Mi7_DMdm433aUCo9I-~A&gdpr=0&gdpr_consent=

70 B
585 B

58ms
57ms

Document
image/gif

35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-iNoMUN1E2uJUL.Mi7_DMdm433aUCo9I-~A&gdpr=0&gdpr_consent=
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 07 Nov 2022 15:09:01 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Mon, 07 Nov 2022 15:09:01 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-iNoMUN1E2uJUL.Mi7_DMdm433aUCo9I-~A&gdpr=0&gdpr_consent=
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.25
strict-transport-security: max-age=31536000

GET
H2

200

rubicon Show response
match.adsrvr.org/track/cmf/ Frame EA72
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d1433a20-53a3-4b04-92a6-04d0aee674d8&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
585 B

53ms
48ms

Document
image/gif

35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 07 Nov 2022 15:09:02 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
content-length: 0

GET
H2

200

google Show response
match.adsrvr.org/track/cmf/ Frame 5422
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZDE0MzNhMjAtNTNhMy00YjA0LTkyYTYtMDRkMGFlZTY3NGQ4&gdpr=0&gdpr_consent=&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0a...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8&google_gid=CAESENBSqL_vFrv5HqWYFNyvf88&google_cver=1

70 B
585 B

286ms
286ms

Document
image/gif

35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8&google_gid=CAESENBSqL_vFrv5HqWYFNyvf88&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://match.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 07 Nov 2022 15:09:01 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Nov 2022 15:09:01 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8&google_gid=CAESENBSqL_vFrv5HqWYFNyvf88&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

POST
H2 200 logdata Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 3 B
671 B 62ms
61ms XHR
text/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logdata

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a062dd4952b935e430d409c4a5e5cd760e8781e3200d5c7e12a232dddba8a528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 3
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://huntingtonbank.inq.com
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

trk Show response
trk.clinch.co/ Frame D8C5
Redirect Chain

https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&version=3...
https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&version=3...

79 B
254 B

267ms
266ms

Document
text/html

54.209.93.43
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&version=3.4&a=1667833741779&try2=true
Requested by: Host: cdn.clinch.co
URL: https://cdn.clinch.co/a_js/client_pixels/clq/script.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.209.93.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-209-93-43.compute-1.amazonaws.com
Software: clinch /
Resource Hash: 3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store
content-length: 79
content-type: text/html
date: Mon, 07 Nov 2022 15:09:01 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: clinch
x-robots-tag: none

Redirect headers

content-length: 0
date: Mon, 07 Nov 2022 15:09:01 GMT
location: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&version=3.4&a=1667833741779&try2=true
server: clinch

POST
H2 200 logdata Show response
huntingtonbank.inq.com/tagserver/logging/ Frame 8C23 3 B
671 B 269ms
268ms XHR
text/javascript 52.177.241.160
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://huntingtonbank.inq.com/tagserver/logging/logdata

Requested by

Host: huntingtonbank.inq.com
URL: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.177.241.160 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

TouchCommerce Server /

Resource Hash

a062dd4952b935e430d409c4a5e5cd760e8781e3200d5c7e12a232dddba8a528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://huntingtonbank.inq.com/tagserver/postToServer.min.htm?siteID=10006663&codeVersion=1666848733561
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 07 Nov 2022 15:09:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
samesite: Strict
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
content-length: 3
x-xss-protection: 1; mode=block
pragma: no-cache
server: TouchCommerce Server
access-control-allow-methods: OPTIONS, POST, GET
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://huntingtonbank.inq.com
content-language: en-US
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Authorization, Cookie, Content-Length, Content-Type, content-type, Depth, User-Agent, X-Requested-With, X-Protection-Id
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 405 rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
appmainsupport.pages.dev/ Frame EB21 0
458 B 52ms
51ms XHR
text/plain 2606:4700:310c::ac42:2fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&bp=3&app=0bd76d7cc9264013&crc=215862798&en=m1fm4lts&end=1
Requested by: Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 15:09:02 GMT
referrer-policy: strict-origin-when-cross-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqIIjSdW8F64T%2F8NNiJYscLARN%2BEjlOSusJ1nzSdIvCJ8asrWxwFQDX%2FMxy%2Fq1q11gwgQsPSkG5niRZGUEaoQg6h%2BUuRVTvqaPma65slg6pcceM4NRHd%2FSZIBbt6SwFtL3Zz3SToLz%2BOhWUFAL2nO7062XRmQys%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7666fcda181bf232-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 9FA9 897 B
1 KB 46ms
45ms Document
text/html 35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833732642&td1=pub:%20mobile%20login
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36d7a36fa020e2a8041c8e705e4effdd0746f57b6e16a89daf5bc2b5787f24a5

Request headers

Referer: https://appmainsupport.pages.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 07 Nov 2022 15:09:02 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame 9FA9 487 B
987 B 46ms
46ms Script
application/x-javascript 143.204.138.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fappmainsupport.pages.dev%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1667833732642&td1=pub:%20mobile%20login
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.138.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-138-162.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Mon, 07 Nov 2022 09:39:01 GMT
Via: 1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: EWR52-C2
Age: 19802
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: TzZayYLplsHf3MUR0OB5u0y1qtAqMTjpkfXqll0uV-h_KKnR9Fh_wQ==

GET
H2

200

appnexus Show response
match.adsrvr.org/track/cmf/ Frame 9A70
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dd1433a20-53a3-4b04-92a6-04d0aee674d8
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8209074457504944105&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8

70 B
665 B

43ms
43ms

Document
image/gif

35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8209074457504944105&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 07 Nov 2022 15:09:03 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

AN-X-Request-Uuid: 28e259be-7b12-495c-8c3e-c22e8275a54b
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Mon, 07 Nov 2022 15:09:03 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=8209074457504944105&ttd_tdid=d1433a20-53a3-4b04-92a6-04d0aee674d8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 104.237.193.27; 104.237.193.27; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

rum Show response
dsum-sec.casalemedia.com/ Frame 7076
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expiration=1670425742&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expiration=1670425742&gdpr=0&gdpr_consent=&C=1

43 B
766 B

48ms
46ms

Document
image/gif

192.40.39.223

General

Check archive.org

Show headers Download Go to

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expiration=1670425742&gdpr=0&gdpr_consent=&C=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 192.40.39.223 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 07 Nov 2022 15:09:03 GMT
Expires: 0
Keep-Alive: timeout=1, max=499
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

Redirect headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 0
Date: Mon, 07 Nov 2022 15:09:03 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
Location: /rum?cm_dsp_id=39&external_user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expiration=1670425742&gdpr=0&gdpr_consent=&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 803D
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=d1433a20-53a3-4b04-92a6-04d0aee674d8&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
665 B

44ms
44ms

Document
image/gif

35.71.131.137

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 07 Nov 2022 15:09:03 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Mon, 07 Nov 2022 15:09:03 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server: nginx

POST
H3 405 rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
appmainsupport.pages.dev/ 0
457 B 45ms
44ms XHR
text/plain 2606:4700:310c::ac42:2fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2F&bp=3&app=0bd76d7cc9264013&crc=4003722819&en=m1fm4lts&end=1
Requested by: Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appmainsupport.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 15:09:04 GMT
referrer-policy: strict-origin-when-cross-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BN1Utri%2F1g6jsfhQtyHcCMgSTqlsncf49RlhLmPYCZJZblDuYb%2FeA%2F2BhSzipZ4T16%2Bt4NSj0%2Bldyk9YNTMPrbNrhf%2BS1rWygEnlXSVyqAaYwdda79LoQwEyM0hmemjuARKJNHI75MkRT4YyhaEUbjbA%2Fqtqwys%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7666fce61d84f232-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H3 405 rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
appmainsupport.pages.dev/ Frame EB21 0
450 B 111ms
109ms XHR
text/plain 2606:4700:310c::ac42:2fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&bp=3&app=0bd76d7cc9264013&crc=4020539427&en=m1fm4lts&end=1
Requested by: Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 15:09:04 GMT
referrer-policy: strict-origin-when-cross-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqQ952Tn2MaXwe5bT8tsZ6gkPErC4AxqZ6WCI95RvD0OmdCp5idIVcXMgzshYyaQp3dprEsjLvUyDzwXuBW%2FLy0zMDMePpdlabsriQ%2BsE62dpkfQ1ThvXIJ0Mrig6WsdxzRUD6N6jvj2lJhVYdhAeHpsCRVfNM0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7666fce79f4df232-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 200 results Show response
api.levelaccess.net/analytics/3.0/ Frame EB21 0
321 B 450ms
96ms XHR
text/plain 2600:1f18:4457:4601:31c1:5f80:3feb:8028

General

Check archive.org

Show headers Download Go to

Full URL

https://api.levelaccess.net/analytics/3.0/results

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4457:4601:31c1:5f80:3feb:8028 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appmainsupport.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Nov 2022 15:09:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

POST
H3 405 rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
appmainsupport.pages.dev/ 0
457 B 54ms
50ms XHR
text/plain 2606:4700:310c::ac42:2fb5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2F&bp=3&app=0bd76d7cc9264013&crc=338057366&en=m1fm4lts&end=1
Requested by: Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:310c::ac42:2fb5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://appmainsupport.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 07 Nov 2022 15:09:06 GMT
referrer-policy: strict-origin-when-cross-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P9Kn%2FIYffTj03bIXJmuiZQw%2BtgrYEMyTT2XhOm4r0LzYJQXWtu28ta20d%2BHrnQFnrsg%2FyWt%2BzHLnmLDGnctT0y1YTrkWPrCfj%2FT7Dd93lG1hAokVNjsiAaxkM%2B8cBGakqaul5uNtw8MdldzewYvUln9D%2F9Ss1E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7666fcf3fc08f232-ORD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

POST
H2 200 results Show response
api.levelaccess.net/analytics/3.0/ 0
321 B 95ms
94ms XHR
text/plain 2600:1f18:4457:4601:31c1:5f80:3feb:8028

General

Check archive.org

Show headers Download Go to

Full URL

https://api.levelaccess.net/analytics/3.0/results

Requested by

Host: www.huntington.com
URL: https://www.huntington.com/ruxitagentjs_ICA27Vfjoqrux_10243220606153550.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4457:4601:31c1:5f80:3feb:8028 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://appmainsupport.pages.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 07 Nov 2022 15:09:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.huntington.com
URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB

Domain: www.huntington.com
URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB

Domain: www.huntington.com
URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB

Domain: www.huntington.com
URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB

Domain: www.huntington.com
URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB

Domain: www.huntington.com
URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.appmainsupport.pages.dev/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM
.appmainsupport.pages.dev/	1970-01-20 16:53:13	Name: rxVisitor Value: 1667833730111MJ22B3L66QJ46HUSJQHSDPEUM2OH9Q10
.appmainsupport.pages.dev/	1969-12-31 23:59:59	Name: dtSa Value: -
appmainsupport.pages.dev/	1970-01-20 16:02:49	Name: loginCookie Value: personalLogin
.bing.com/	1970-01-20 16:38:49	Name: MUID Value: 2122AEA24AB860EA3C9CBCF74B106121
.bat.bing.com/	1970-01-20 07:27:18	Name: MR Value: 0
.appmainsupport.pages.dev/	1970-01-20 09:26:49	Name: _gcl_au Value: 1.1.945502567.1667833733
appmainsupport.pages.dev/	1969-12-31 23:59:59	Name: geolocation Value: null
.yahoo.com/	1970-01-20 16:03:11	Name: A3 Value: d=AQABBIUfaWMCEKB_3hqXW_JNQb4AHgzuZmEFEgEBAQFxamNzYwAAAAAA_eMAAA&S=AQAAApbGFhxuEHMBMlz7bFdj_lw
.doubleclick.net/	1970-01-20 16:53:13	Name: IDE Value: AHWqTUkrhCRHvMUotBXtAdDOATFiyWZFMKxqsNRMynKya1LKKLug3hih9YWVWrbZ
.appmainsupport.pages.dev/	1969-12-31 23:59:59	Name: dtLatC Value: 88
.linkedin.com/	1970-01-20 09:26:49	Name: li_sugr Value: f8e7fe52-b325-4f8d-aaae-7b1b46b160db
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:02:49	Name: bcookie Value: "v=2&8412104a-b072-4c16-89a6-710cffcd4924"
.linkedin.com/	1970-01-20 07:18:40	Name: lidc Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2763:u=1:x=1:i=1667833735:t=1667920135:v=2:sig=AQEA7yoOHz9HU3iFH2IBj5xNafnQEyTp"
.linkedin.com/	1970-01-20 08:00:25	Name: UserMatchHistory Value: AQLk73fEGeOaEQAAAYRSoygq8sGLxWw_muQX5U4EYmZvykmUm_nt22s0j3LF2W6wCAsKUYyjuXx1YA
.linkedin.com/	1970-01-20 08:00:25	Name: AnalyticsSyncHistory Value: AQJvkBzHV1LsKQAAAYRSoygqFFSNIova8oTiq38EMjQ7tyR6Cb8voFyGpoS81mWhOgqxSjmd5UCQO_W2xP4URA
.appmainsupport.pages.dev/	1970-01-20 09:26:49	Name: _fbp Value: fb.2.1667833735232.1034199522
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:02:49	Name: bscookie Value: "v=1&2022110715085556c637ff-3832-448f-8593-32bba6ba800aAQEiFXLf9imew9hPPJ7z3rXarGP-dGtw"
.adsymptotic.com/	1970-01-20 09:26:49	Name: U Value: 428df7eb67572c1823a46f41b076ea28
.clinch.co/	1970-01-20 16:53:13	Name: clinch-sid Value: 3889d545-490d-4fe3-a79c-ce670ee15c50
.appmainsupport.pages.dev/	1970-01-20 07:18:40	Name: _uetsid Value: 1767c9605eae11ed91f7874c9f301f8c
.appmainsupport.pages.dev/	1970-01-20 16:38:49	Name: _uetvid Value: 176907c05eae11edb4a115d2a7236b5b
.adsrvr.org/	1970-01-20 16:02:49	Name: TDID Value: d1433a20-53a3-4b04-92a6-04d0aee674d8
huntingtonbank.inq.com/	1970-01-20 16:02:49	Name: inqSession_10006663 Value: %7Bauu%3A0%2C_svMs%3A-1%2C_aTyp%3A3%2Cndpeq%3A0%2CvaID%3A%2218000764%22%2CvaOp%3A%22HNB-VA-AO%22%2CctNm%3A%22HNB-VA-DT%22%2Cspct%3A1420088400000%2Csrvyr%3A0%2Cchlv%3A0%2CCHM%3A%7Bpmor%3Afalse%7D%2C_ssID%3A%22-61506818877267849941%22%2Crd%3A%22%22%2Csest%3A%22%22%2C_sT%3A0%2Cltt%3A1667833740469%7D
huntingtonbank.inq.com/	1969-12-31 23:59:59	Name: inqBSes_10006663 Value:
huntingtonbank.inq.com/	1970-01-20 16:02:49	Name: inqVital_10006663 Value: %7BINQ%3A%7BcustID%3A%22-6150681887726784994%22%7D%2Cv%3A3%2Cvcnt%3A16%2Cvtime%3A1667833740470%2C_acid%3A%22-1%22%2C_ss%3A%22unsold%22%2CCHM%3A%7Blpt%3A0%2ClastChat%3A%7B%7D%2ClastCallId%3A0%7D%2C_is%3A1667833740470%2C_iID%3A%22-61506818877267849941%22%2C_ig%3A%22CHAT%22%7D
.analytics.yahoo.com/	1970-01-20 16:02:49	Name: IDSYNC Value: 1769~285r
.rubiconproject.com/	1970-01-20 16:02:49	Name: khaos Value: LA6X5BGG-1U-LO0Q
.rubiconproject.com/	1970-01-20 16:02:49	Name: audit Value: 1\|Wm8xUcFUX2ZRgrRQgI5kPrT82UV0lL8GZRTwLTRtAmZz+9LtiDVAhv+yIxd0hObWUdNcDfo86UgwHTRO1/p4iHX0qfg68IpFQAPcN3ARK85OteHh7MlYiBh5VA807pOxahjl3SoFdJJr3YwIx4qehuYuhtHG6ST3JGmzLG8RsU7REvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
huntingtonbank.inq.com/	1970-01-20 16:02:49	Name: inqState_10006663 Value: %7BVA%3A%5B%7Bkey%3A%22hash%22%2Cvalue%3A%7B%7D%7D%2C%7Bkey%3A%22ban%22%2Cvalue%3A%7B%7D%7D%5D%2C_loy%3A1%2C_ssQ%3A%5B%222022-11-07T15%3A09%3A00.440Z%22%5D%2C_slq%3A%5B%5D%2C_cct%3A0%2C_sqc%3A0%2C_slc%3A0%2Ccfl%3A9223372036854776000%2CNiEn%3A%22ninaProd%22%2CLDM%3A%7Blh%3A%5B%7Bid%3A-1%2Ccg%3A%5B%5D%7D%5D%7D%2CCHM%3A%7B%7D%2Cfst%3A1667833740440%2Clst%3A1667833740440%2C_ist%3A%22ELIGIBLE%22%2C_sesT%3A0%7D
.appmainsupport.pages.dev/	1969-12-31 23:59:59	Name: rxvt Value: 1667835542579\|1667833730122
.appmainsupport.pages.dev/	1969-12-31 23:59:59	Name: dtPC Value: -81$433730016_823h-vAILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0e0
.adnxs.com/	1970-01-20 09:26:49	Name: uuid2 Value: 8209074457504944105
.bidswitch.net/	1970-01-20 16:02:49	Name: tuuid Value: ed2d2906-911d-4294-bf36-f4c96aa39b8d
.bidswitch.net/	1970-01-20 16:02:49	Name: c Value: 1667833743
.bidswitch.net/	1970-01-20 16:02:49	Name: tuuid_lu Value: 1667833743
.adsrvr.org/	1970-01-20 16:02:49	Name: TDCPM Value: CAESGQoKcmlnaHRtZWRpYRILCLbproeBt6A7EAUSFgoHcnViaWNvbhILCLbproeBt6A7EAUSFQoGZ29vZ2xlEgsItumuh4G3oDsQBRIXCghhcHBuZXh1cxILCMLI55-Bt6A7EAUSFQoGY2FzYWxlEgsIqpn9m4G3oDsQBRIYCgliaWRzd2l0Y2gSCwiqmf2bgbegOxAFGAUgAigDMgsIqpGAyZe3oDsQBUIPIg0IARIJCgV0aWVyMRABWgdsNmptZWd5YAE.
.casalemedia.com/	1970-01-20 16:02:49	Name: CMID Value: Y2kfjw-Ty6xfGRm2vIkfKAAA
.casalemedia.com/	1970-01-20 09:26:49	Name: CMPS Value: 1289
.casalemedia.com/	1970-01-20 09:26:49	Name: CMPRO Value: 1289

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://appmainsupport.pages.dev/ Message: Access to XMLHttpRequest at 'https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB' from origin 'https://appmainsupport.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appmainsupport.pages.dev/ Message: Access to XMLHttpRequest at 'https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB' from origin 'https://appmainsupport.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appmainsupport.pages.dev/ Message: Access to XMLHttpRequest at 'https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB' from origin 'https://appmainsupport.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 Message: Access to XMLHttpRequest at 'https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB' from origin 'https://appmainsupport.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 Message: Access to XMLHttpRequest at 'https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB' from origin 'https://appmainsupport.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://appmainsupport.pages.dev/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 Message: Access to XMLHttpRequest at 'https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB' from origin 'https://appmainsupport.pages.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/Pe0mGDbfXAeyLOuHVcVg9CZf/VY3rGbmrYYGu/WxUOJSAB/E3hTGg/RqUUkB Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2F&bp=3&app=0bd76d7cc9264013&crc=3848624491&en=m1fm4lts&end=1 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&bp=3&app=0bd76d7cc9264013&crc=215862798&en=m1fm4lts&end=1 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2F&bp=3&app=0bd76d7cc9264013&crc=4003722819&en=m1fm4lts&end=1 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2Fnuance%2FnuanceChat.html%3FIFRAME%26nuance-frame-ac%3D0&bp=3&app=0bd76d7cc9264013&crc=4020539427&en=m1fm4lts&end=1 Message: Failed to load resource: the server responded with a status of 405 ()
network	error	URL: https://appmainsupport.pages.dev/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?type=js3&sn=v_4_srv_-2D81_sn_N5GRUK1N0E99C6TI4UAKJMOURCKU0IDM&svrid=-81&flavor=post&vi=AILWGVVCFCRJLFSJJKPJPKCJEIKWUVND-0&modifiedSince=1666986097744&rf=https%3A%2F%2Fappmainsupport.pages.dev%2F&bp=3&app=0bd76d7cc9264013&crc=338057366&en=m1fm4lts&end=1 Message: Failed to load resource: the server responded with a status of 405 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10701487.fls.doubleclick.net
adservice.google.com
api.levelaccess.net
appmainsupport.pages.dev
bat.bing.com
cdn.clinch.co
cdn.levelaccess.net
cm.g.doubleclick.net
connect.facebook.net
dsum-sec.casalemedia.com
ensighten.huntingtonbank.com
googleads.g.doubleclick.net
huntingtonbank.inq.com
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
media-us1.digital.nuance.com
p.adsymptotic.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
s.yimg.com
smetrics.huntington.com
snap.licdn.com
sp.analytics.yahoo.com
trk.clinch.co
ups.analytics.yahoo.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.huntington.com
www.linkedin.com
x.bidswitch.net
www.huntington.com
104.18.98.194
13.107.42.14
142.250.80.6
142.251.40.194
143.204.138.162
192.40.39.223
2001:4998:14:800::1000
23.49.248.132
2600:1400:d::6878:d2ab
2600:141b:13::1724:158
2600:1f18:4457:4601:31c1:5f80:3feb:8028
2600:9000:210b:b000:1:fb61:2b80:93a1
2606:4700:310c::ac42:2fb5
2607:f8b0:4006:816::2002
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::2008
2607:f8b0:4006:824::2004
2620:1ec:21::14
2620:1ec:40::40
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
3.234.31.129
35.211.178.172
35.71.131.137
52.177.241.160
52.45.33.138
54.209.93.43
63.140.38.128
68.67.179.155
69.173.151.100
76.13.32.146
02f762c0bc9226a64e6ac20bcc2b7846b767538b2540603e4ddf5cb2e2e48119
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
136923d362c4370bdbeebfffc7d78c023a70fddb76a320624f149260c0deb508
1ad12553821258dce45569d81a2073cffdfd5b3c08bd5f539a88c399bd41e170
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5
1f8b7110eabbbfdb0e8c1e6c9284d2e0c1b0a7aac26344995f82351b46544c6f
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
27aa024011cab6b37cceff87309f6fc044f33c62622aa127d1c502da25749a0c
2af90a2fb7602896b48bbe42d74c949277746ac18b81787344326cec0fcb5507
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
3120067bacfe678b4b6f965fe2c1fa762566a93036872738ddfe1bb8bb0d8f9e
32cc56460e73e1abf04d1bc08d0d9fec82fe2cfa664efb15a7f6d82fa48af5df
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273
35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979
35f3a005118be3dc186413c33554d800ac8f8d6e8ba227dc28d081e13f6db5f9
363583d824893f8bf40d19915d6537339827ca7e247fdddffdba78b4333e4df1
36d7a36fa020e2a8041c8e705e4effdd0746f57b6e16a89daf5bc2b5787f24a5
38c973e72b29d0c5f054034abecb6f92d1f30fac5aeeb5d0300de1cce156ade3
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006
3b9d13167ea1e2bf59446e52e6d340b0332ee2a1174e872441c751dfe248b41f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453ddf121bacec69d2de73a034f979556d36bcc8b770f73e692e005bfdf2a393
45f800946f39a04f99ff9243c883253f6c92879fdec5dc56fccfa190329c6c1a
4b8e97a8b695465cbf807ce2f0470a6867ae33b89c7fbdd192ee52600a3b9bcb
4f3fd0065d9513a058c6a09e98e1508e265cd0c919bee341dc2649dec03dbb9d
50d18b6a58dd31522e5da72cd81d210efcc4c01d2651639c27f95f29da5f664b
54ab4266171afb1f12c5271d078e18b8ce0b43336445b4315069ea37465e8fe7
56b3247bc4cff2d39f34c2f3b2cca73b3163ae9af367829fa96857b7b6c11735
591250e424ba875678f4c17786e8b7557d52cbc7089926a329811b1648f0be39
5d842eda802159adb87b2ee343e8c3aeb25e4cc55bd2a4bff70e756b029034c2
607d5d5769fcfaddfd2c76689c405261347e854810ba2bf9a0d202db05a4da28
6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e
7448abedd630cd881962e8572fe16bed710e7817461b612b7a727befbc1bbf00
78a37757c165e672eda69f69d745ab86d78fd6d9b66b157cb9b032e479faab11
7a9e034c83417931e346679b955b6784343d14be49c84d4a2d3c4e81f164bea4
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806
7ed639f9069b79237cab301cfe7938014190aa96da693c007ab5bc7c2842da59
7fa97adb3c9b06a78154e71405108ada9cd4e2e5be4d9001bd9a3a07847226de
82c756747cfacd6402573e4ca875ef768a68c5f5f3c0050f2f0e62d5ca7e87b4
8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e912a5946a0195e59af23e8486018e7a00ae6929ec1daeb48bc631943b23d4a
9a32dc750905bcf773957dd62d410bfd8b049cf9317317fd9e8524a9c014365a
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22
a062dd4952b935e430d409c4a5e5cd760e8781e3200d5c7e12a232dddba8a528
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a35a411e422f1c8cb3b414b0ec2bcd3d882652c122d55434b353f9c066eb9f58
a40f8ffe3edf5e926730ee57f52ac83ffe0504d0a7087a0d8e90eae43fc6bbb3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b
b568bf9c0066ce6ab2e98020106688e549c5d2e1c57d0638d97496b0fa45808f
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b5f894546bd24e7a58cf92ed4b1a1bead69e5cfbfd936e09e134da5a7a239f0f
bcfe310f7991dacfd008c912f07c6f2dbdff6e402b8e4ea9be316f01ea043022
bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e
bdd042cd41f5d7ab0ea57c8e7aebb080265e57710b7f792a5b7b0f92b9fd00f9
c14d1a9fc98c876d4ee6b8877593d869508764ca70042f53e1c9dee4d22cd37a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea
d22fb8e2d47dfca3f37cbe5621fa6f8a4daaf5755cbdaa93b67fcabb79bd414a
d2667aa38599ee0de5244f5ea6aa603484f9cbaf6fea5bfe67d9d15cc7daa731
d3066cbc8f798a3175376176e82e9ba339184e8c4c5f2d1f0734d25e7871b616
d596154976c6ed50f604245cc6ded9f208d27e4f780fb7c5e937dad700ee1b9e
d5d27c4095e58e2f713ddc20be64ccb97da69874ecab16221592e5c5dd74625e
d71a029abb31be787808e8075b940bc177b427f77f92d8fd985a7fb7aca713b2
d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb99402ca35e0d16b83e13524bd804de7d7c36d569268a442c0b6d20a04b0d57
ed714045f032d532a1b487d27bb65e3211ffaf762eab060c036eeeaddc239575
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143
fab5a7680cedf011da8f0363b4a4d58a7adbdaae881af4034ae00f0f7231e792

appmainsupport.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2fb5 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

173 Requests

95 %HTTPS

47 %IPv6

23 Domains

34 Subdomains

26 IPs

2 Countries

3062 kBTransfer

8589 kBSize

42 Cookies

154 Outgoing links

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

appmainsupport.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2fb5 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

95 %
HTTPS

47 %
IPv6

23
Domains

34
Subdomains

26
IPs

2
Countries

3062 kB
Transfer

8589 kB
Size

42
Cookies

173 HTTP transactions
0 data transactions