watlabi.com Open in urlscan Pro
185.225.37.76 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://watlabi.com/well/Bank/login.php
Submission: On December 13 via automatic, source openphish (December 13th 2021, 1:20:20 pm UTC) — Scanned from DE

Summary HTTP 56 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 56 HTTP transactions. The main IP is 185.225.37.76, located in Istanbul, Turkey and belongs to NETBUDUR netbudur.com, TR. The main domain is watlabi.com.
TLS certificate: Issued by R3 on November 21st 2021. Valid for: 3 months.

This is the only time watlabi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
15	185.225.37.76 185.225.37.76	202505 (NETBUDUR ...) (NETBUDUR netbudur.com)
1 24	184.86.103.137 184.86.103.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
13	91.235.132.141 91.235.132.141	30286 (THM) (THM)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
56	6

15 185.225.37.76 (Istanbul, Turkey)

ASN202505 (NETBUDUR netbudur.com, TR)
PTR: static.185.225.37.76.ventures.com.tr

watlabi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 184.86.103.137 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-137.deploy.static.akamaitechnologies.com

onlinebanking.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.132.141 (United States)

ASN30286 (THM, US)

ddata.huntingtonbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

16xsqggnq67dep25bfcd4w47nhgjrvbuo63ptxzab53cc265f8a4eeb1am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	huntington.com 1 redirects onlinebanking.huntington.com www.huntington.com	165 KB
15	watlabi.com watlabi.com	14 KB
13	huntingtonbank.com ddata.huntingtonbank.com	85 KB
3	online-metrix.net h.online-metrix.net 16xsqggnq67dep25bfcd4w47nhgjrvbuo63ptxzab53cc265f8a4eeb1am1.e.aa.online-metrix.net	15 KB
0	Failed function sub() { [native code] }. Failed
56	5

	Domain	Requested by
22	onlinebanking.huntington.com	watlabi.com onlinebanking.huntington.com
15	watlabi.com	watlabi.com onlinebanking.huntington.com
13	ddata.huntingtonbank.com	watlabi.com ddata.huntingtonbank.com
2	h.online-metrix.net	ddata.huntingtonbank.com
2	www.huntington.com	1 redirects watlabi.com onlinebanking.huntington.com
1	16xsqggnq67dep25bfcd4w47nhgjrvbuo63ptxzab53cc265f8a4eeb1am1.e.aa.online-metrix.net
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	ddata.huntingtonbank.com
56	7

This site contains links to these domains. Also see Links.

Domain
www.huntington.com
selfservice.huntington.com

Subject Issuer	Validity	Valid
*.watlabi.com R3	`2021-11-21` - `2022-02-19`	3 months	crt.sh
huntington.com GeoTrust EV RSA CA 2018	`2020-07-08` - `2022-07-13`	2 years	crt.sh
ddata.huntingtonbank.com GeoTrust EV RSA CA 2018	`2020-07-11` - `2022-07-20`	2 years	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://watlabi.com/well/Bank/login.php
Frame ID: FE21FB2B69FA1AE5F46316AE7E1D245F
Requests: 40 HTTP requests in this frame

Frame: https://ddata.huntingtonbank.com/fp/check.js;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jb=363126266a736d773d446b6e757824687b673d4e6166757826687160773f436a70676d65266a71603d4b6a726f6d67273a383934
Frame ID: A7506C0CB896D78F73666FF6B29C393C
Requests: 11 HTTP requests in this frame

Frame: https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1
Frame ID: DF5B9C8F4A17828B08062A4F32392963
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1
Frame ID: 09B1AF298FFAF338D59A817DD7AABC0B
Requests: 2 HTTP requests in this frame

Frame: https://ddata.huntingtonbank.com/fp/top_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1
Frame ID: 3B477447C96775E052594AD039DCD14E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Huntington Online Banking Login | Huntington

Page Statistics

56
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

278 kB
Transfer

1122 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.huntington.com/customer-service/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/ForgotPassword/
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://selfservice.huntington.com/default/Enrollment/
Title: Enroll in Online Banking

Search URL Search Domain Scan URL

URL: https://www.huntington.com//Privacy-Security/protecting-yourself/identity-theft
Title: Identity Protection

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/how-we-protect-you/huntingtons-security-commitment
Title: Security

Search URL Search Domain Scan URL

URL: https://www.huntington.com/Privacy-Security/Privacy-Policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.huntington.com/personal/online-services/huntington-online-guarantee
Title: Online Guarantee

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.huntington.com/-/fxm/web/ HTTP 302
https://www.huntington.com/Presentation/rol-manage.js

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login.php Show response
watlabi.com/well/Bank/ 26 KB
10 KB 318ms
210ms Document
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/well/Bank/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: / PHP/7.4.26
Resource Hash: 4df7d28297b0c363634b72cc639178dd6989e04f5d5df0f9272e541dec7c0ac5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-powered-by: PHP/7.4.26
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Mon, 13 Dec 2021 13:20:13 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 ruxitagentjs_ICA2SVfqrux_10199200831173248.js Show response
onlinebanking.huntington.com/rol/Common/scripts/ 207 KB
80 KB 817ms
530ms Script
text/javascript 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e38cf50ffdcbce6fbd997d7488fcdae53e788bd8d59ad7407235d08d14993285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff;
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
p3p: CP="NON CUR OTPi OUR NOR UNI"
cache-control: max-age=0, no-cache, no-store
x-ua-compatible: IE=edge
content-type: text/javascript; charset=utf-8
content-length: 80879
format-detection: telephone=no
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 404 reset.css
watlabi.com/rol/Styles/Structure/960/ 0
0 54ms
51ms Stylesheet
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/Styles/Structure/960/reset.css
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:13 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H2 200 text.css
onlinebanking.huntington.com/rol/Styles/Structure/960/ 1 KB
916 B 566ms
280ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Structure/960/text.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="723399969"
content-length: 529
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 960_16_col.css
onlinebanking.huntington.com/rol/Styles/Structure/960/ 4 KB
1 KB 566ms
281ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Structure/960/960_16_col.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-2041901624"
content-length: 821
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 huntington-rol.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 57 KB
12 KB 884ms
599ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="564285327"
content-length: 11576
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 propertyClasses.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 598 B
966 B 566ms
281ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/propertyClasses.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1570327692"
content-length: 598
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 widgets.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 12 KB
3 KB 698ms
413ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/widgets.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-1227989962"
content-length: 2435
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 NavBar.css
onlinebanking.huntington.com/rol/Styles/Navigation/ 2 KB
1006 B 697ms
412ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Navigation/NavBar.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-1112831066"
content-length: 618
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 jquery-ui-1.8.9.custom.css
onlinebanking.huntington.com/rol/Styles/JQueryUIThemes/custom-theme/ 59 KB
8 KB 568ms
284ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/JQueryUIThemes/custom-theme/jquery-ui-1.8.9.custom.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1883289988"
content-length: 7788
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 modal-dialog.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 1 KB
936 B 696ms
412ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/modal-dialog.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1902226883"
content-length: 548
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 hnb.aria.common.css
onlinebanking.huntington.com/rol/Styles/ 574 B
942 B 577ms
293ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/hnb.aria.common.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1687577637"
content-length: 574
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H3 404 ensightenBootstrap.js
watlabi.com/rol/ 0
0 51ms
50ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/ensightenBootstrap.js
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H2 200 jquery-3.1.1.min.js Show response
onlinebanking.huntington.com/rol/Script/ 85 KB
30 KB 578ms
294ms Script
application/javascript 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Script/jquery-3.1.1.min.js

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="2048904416"
content-length: 30130
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 safeready.js Show response
onlinebanking.huntington.com/rol/Script/jQuery/Extensions/ 311 B
687 B 577ms
294ms Script
application/javascript 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Script/jQuery/Extensions/safeready.js

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

760fa8f3b6a53a51fce23d438181c2050a5500037c7c00b5218b3543313a69dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="465201973"
content-length: 311
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 jquery.autotab.js Show response
onlinebanking.huntington.com/rol/Script/ 7 KB
3 KB 583ms
300ms Script
application/javascript 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Script/jquery.autotab.js

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="2040551024"
content-length: 2405
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 Auth.css
onlinebanking.huntington.com/rol/Styles/Presentation/Auth/ 6 KB
2 KB 696ms
413ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/Auth/Auth.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="76884160"
content-length: 1800
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 jquery.cookie.js Show response
onlinebanking.huntington.com/rol/Script/jquery.cookie/ 2 KB
1 KB 694ms
411ms Script
application/javascript 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Script/jquery.cookie/jquery.cookie.js

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-1520482655"
content-length: 703
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2 200 json2.min.js Show response
onlinebanking.huntington.com/rol/Script/Ajax/ 17 KB
6 KB 794ms
511ms Script
application/javascript 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Script/Ajax/json2.min.js

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

147217678b7522d6ddbdadbc6b179afcc97262381b375b8cb4bd499f143fdd81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="2087071307"
content-length: 5455
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H2

200

rol-manage.js Show response
www.huntington.com/Presentation/
Redirect Chain

https://www.huntington.com/-/fxm/web/
https://www.huntington.com/Presentation/rol-manage.js

1 KB
1 KB

409ms
409ms

Script
application/javascript

184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.huntington.com/Presentation/rol-manage.js

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Resource Hash

93e5e5ea6830e1b5ca177029fd11e531d670629b9453eb329b901f72089aba79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtSInfo;desc="0", dtRpid;desc="451922343"
content-length: 599
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Nov 2021 19:14:24 GMT
x-frame-options: sameorigin
date: Mon, 13 Dec 2021 13:20:16 GMT
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1579491
etag: "0e8102c67d6d71:0"
accept-ranges: bytes
expires: Fri, 31 Dec 2021 20:05:07 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains, max-age=31536000
referrer-policy: no-referrer-when-downgrade
x-permitted-cross-domain-policies: master-only
x-ruxit-js-agent: true
date: Mon, 13 Dec 2021 13:20:15 GMT
x-frame-options: sameorigin
p3p: CP="NON CUR OTPi OUR NOR UNI"
location: https://www.huntington.com:443/Presentation/rol-manage.js
x-oneagent-js-injection: true
x-xss-protection: 1; mode=block
server-timing: dtSInfo;desc="1"
content-type: text/html; charset=UTF-8
content-length: 180
x-content-type-options: nosniff
x-ua-compatible: IE=edge

GET
H2 200 WebResource.axd Show response
watlabi.com/rol/ 2 KB
893 B 69ms
68ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/WebResource.axd?d=KAutdTcH6alKTOWlncDH0iHQ__xOFzNke7aCWGDC2l63YcVuZ-gbUvFHEqH8q7F3WBGprILGYm-bugzBljgzMFykfYE1&t=637352834110221559
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: / PHP/7.4.26
Resource Hash: 93c44eee16e0a57d26504344ef3d9f847067170e7c3cce2c0588cef7b6186a10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:13 GMT
content-encoding: br
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 757
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 WebResource.axd Show response
watlabi.com/rol/ 2 KB
839 B 70ms
69ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/WebResource.axd?d=UJBIZYk7tZcvj4IFYmffqt09OUlhISSdhcduBbwyVnp-a6akR3trXAKcmbO7w4DRjTrT_SxsUCD4Nl0vuWb81_Jv1SQ1&t=637352834110221559
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: / PHP/7.4.26
Resource Hash: 93c44eee16e0a57d26504344ef3d9f847067170e7c3cce2c0588cef7b6186a10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:13 GMT
content-encoding: br
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 757
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 logo-lg.png
onlinebanking.huntington.com/rol/Images/UI/ 3 KB
3 KB 46ms
45ms Image
image/png 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/Images/UI/logo-lg.png

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="-1135527015"
content-length: 2560
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
content-type: image/png
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H3 404 hol.device.registration.min.js
watlabi.com/well/Scripts/hol/ 0
0 50ms
50ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/well/Scripts/hol/hol.device.registration.min.js
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 708
content-type: text/html

GET
H2 200 lock.gif
onlinebanking.huntington.com/images/ 0
0 226ms
225ms Image
text/html 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://onlinebanking.huntington.com/images/lock.gif
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-103-137.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 404 jquery.cookie.latest.js
watlabi.com/rol/Script/jquery.cookie/ 0
0 50ms
50ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/Script/jquery.cookie/jquery.cookie.latest.js
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H/1.1 200
OK tags.js Show response
ddata.huntingtonbank.com/fp/ 79 KB
11 KB 94ms
17ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/tags.js?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&allow_reprofile=1

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

cccac178b67eda4bc83ed24c651f601d6a6de8a888b7adeb0df928c4b3368c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 hexlogo-footer-icon.png
onlinebanking.huntington.com/rol/Images/ 333 B
701 B 119ms
118ms Image
image/png 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/Images/hexlogo-footer-icon.png

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="517611315"
content-length: 333
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
content-type: image/png
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H3 404 AccessibleMenuBar.js
watlabi.com/rol/Script/ 0
0 51ms
50ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/Script/AccessibleMenuBar.js
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H3 200 98da3142ui2540ce0530daea07ab1c Show response
watlabi.com/bundles/ 2 KB
886 B 65ms
64ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/bundles/98da3142ui2540ce0530daea07ab1c
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: / PHP/7.4.26
Resource Hash: 93c44eee16e0a57d26504344ef3d9f847067170e7c3cce2c0588cef7b6186a10

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
content-encoding: br
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 757
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 404 reset.css
watlabi.com/rol/Styles/Structure/960/ 0
0 50ms
50ms Stylesheet
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/Styles/Structure/960/reset.css
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H2 200 huntington-rol-print.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 8 KB
3 KB 156ms
155ms Stylesheet
text/css 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol-print.css

Requested by

Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="2083087904"
content-length: 2198
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET
H3 404 hol.device.registration.min.js
watlabi.com/well/Scripts/hol/ 0
0 51ms
51ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/well/Scripts/hol/hol.device.registration.min.js
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H3 404 jquery.cookie.latest.js
watlabi.com/rol/Script/jquery.cookie/ 0
0 51ms
51ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/Script/jquery.cookie/jquery.cookie.latest.js
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H3 404 AccessibleMenuBar.js
watlabi.com/rol/Script/ 0
0 51ms
51ms Script
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rol/Script/AccessibleMenuBar.js
Requested by: Host: watlabi.com
URL: https://watlabi.com/well/Bank/login.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/well/Bank/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:14 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 708
content-type: text/html

GET
H2 200 background-960.jpg
onlinebanking.huntington.com/rol/Images/UI/ 3 KB
3 KB 52ms
52ms Image
image/jpeg 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/Images/UI/background-960.jpg

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637414084970000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1717443564"
content-length: 2997
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:14 GMT
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:14 GMT

GET generic
www.huntington.com/ 0
0

GET
H2 200 background-960.jpg
onlinebanking.huntington.com/rol/Images/UI/ 3 KB
3 KB 13ms
12ms Image
image/jpeg 184.86.103.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/Images/UI/background-960.jpg

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-137.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 /

Resource Hash

f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
server-timing: dtRpid;desc="1717443564"
content-length: 2997
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 10 Nov 2021 23:25:15 GMT
server: Microsoft-IIS/10.0
date: Mon, 13 Dec 2021 13:20:16 GMT
content-type: image/jpeg
cache-control: max-age=0, no-cache, no-store
etag: "803f29378ad6d71:0"
accept-ranges: bytes
expires: Mon, 13 Dec 2021 13:20:16 GMT

GET
H/1.1 200
OK check.js;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C Show response
ddata.huntingtonbank.com/fp/ Frame A750 269 KB
46 KB 23ms
23ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/check.js;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jb=363126266a736d773d446b6e757824687b673d4e6166757826687160773f436a70676d65266a71603d4b6a726f6d67273a383934

Requested by

Host: ddata.huntingtonbank.com
URL: https://ddata.huntingtonbank.com/fp/tags.js?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&allow_reprofile=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a49c6096f532bdc9afdc5a87a7c0238ef210db3589679a7404b676b205ff6161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: b53cc265f8a4eeb1
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
ddata.huntingtonbank.com/fp/ Frame A750 81 B
475 B 40ms
13ms Image
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
ddata.huntingtonbank.com/fp/ Frame A750 81 B
475 B 40ms
13ms Image
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png Show response
ddata.huntingtonbank.com/fp/ Frame A750 81 B
527 B 41ms
13ms XHR
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png

Requested by

Host: ddata.huntingtonbank.com
URL: https://ddata.huntingtonbank.com/fp/check.js;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jb=363126266a736d773d446b6e757824687b673d4e6166757826687160773f436a70676d65266a71603d4b6a726f6d67273a383934

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 16xsqggn/b53cc265f8a4eeb168a01e26596a402c99a299a1d6f6c74f
Referer: https://watlabi.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:20:16 GMT
Last-Modified: Mon, 13 Dec 2021 13:20:16 GMT
Server: Apache
Etag: 91f12f5717de4a9cb5e616ae46ed5ead
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://watlabi.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 12 Dec 2026 13:20:16 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C Show response
ddata.huntingtonbank.com/fp/ Frame DF5B 82 KB
13 KB 16ms
16ms Document
text/html 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8f88ccc9f52161fe867030bd08c2ef8ade101cf8291845904c2c80a8afffe7aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/

Response headers

Date: Mon, 13 Dec 2021 13:20:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame A750 0
387 B 13ms
13ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jb=313e266c73613f6439313762316161356d6c30366c69303832303b3a303a303766386331326533

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C Show response
h.online-metrix.net/fp/ Frame 09B1 95 KB
15 KB 57ms
20ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

d2b64e2988cbada618118cbf4024dcb7646d990e7387079ba3ab65f043adad2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/

Response headers

Date: Mon, 13 Dec 2021 13:20:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame A750 0
387 B 14ms
14ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jd=373026266a666c3f3330246a66683f366c3e336138303033636735343b313960646a636366393a60653d333137333424626e746c35383a31333b38313a

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame A750 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C Show response
ddata.huntingtonbank.com/fp/ Frame 3B47 82 KB
12 KB 19ms
18ms Document
text/html 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/top_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ccd059bf443725d9a72bca233f1e6493f748b68d94369e4ca282e9e101878676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/

Response headers

Date: Mon, 13 Dec 2021 13:20:16 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
ddata.huntingtonbank.com/fp/ Frame A750 0
218 B 17ms
17ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&ja=333137302626613f302e783d3026643f393e303270393230302463643f333632327031323030247178713f3078302466787a3d3324393630302e333032322c333438302c313232322c393430302c333038382c333e38302c313032322e322c322465743d61383a30616a6164633735666c6e6464316d613834333336353236603b693761266d6c3f342e7163643d30362e64683f607c74707327314327304627304e7761746c63606926616f6d2530447f6d6c6e2d3a4642616c692730446c6d65616e2e70687224647a3f26706c3f312e78683f3f3066323863633460616660673931336237313a37696730643360666a3a64362e60683d34636134333b36316369666261383a36323e33643436313b313f363a3a6e39332668716d3f4e696c7770266a73623f41687a6d6d65253032313e26687b67753d4c6b6c777a246a71607d3d4368726d6f652e6c68633d3624666c6d3f302e747a643f47766127324457666b6e6f776c246d697668723d3632383b64336b3a626563323067346163373438303832616633353d3630316666363d3038333c396436656363303666633b3669666264373031313b33393661247235786c776f616e5f666e63716a5c66636e7b6521706c776569665d77696e666d7f7b5f6f6d6c69615f726e637b67725c64696c736521726e756f6b6e5f61666d6a6d5f636b7a6f6261765c64636e736723786c7567696c5d717d6b636b746b6f6d566663647b6521706e77656b6c5f716a67636b776174675e6e636c73652372647d676b66577265616e726e637b65705c6e616c736523726c7d65696e5f746e6b57706e697165725e64636e716721726e7d67696e5f666776696e76725e6463647b652378647567696c5d7174655f746b6d7765725e64636c7b6721706c776561665f68697e615e66636e716724657a3135623731303660313a3b33383966363f3e33316b6b343536333a3467313264676b366266393633376d24676c5f613f7f6d6265645f6562474e273032332e32273a30284f70676c47442732304551273a38322c382d3230436a706d6f6b756f2b5f6562474c2730304f4e534c2530324d5b253038392e302530322a4d72656c45442532304551273238454c534c2730384d53273a38312e30273032416a726d6f61756d295767604b6176576562496b7c2d32325f6d62474c434c454e475f6b6c7b74616e6367665f697072617971273b4a2530384d58545f606e676c665f6f6b666d6178253140253a324558545d6167646f70576a75666667705d6a636c645d6e6c6f61742731422d30304558565d6e646f637c57626c656c662731402530324d58545f6670636757666570746a273b4a2530384d58545f716a636667725d766d78747572675d6c67662533422730384d5856577c6578747770675d616f6f727a657373696d6c5f6a7274632531402d3a3047505c5f74657a767770675f616d6570726573716b6f665d72677461273b4a2530384d58545f76677a767772675d6e696c7465705d61666b736f74706d786163273b4a253230554740494b545d4750545f74657a76757a675f66696e766d7a5f636661736f74706d726b612531402d32304558565d735a4542253340273a384b4a5a57706172636e6e676e5f716a696465725f616d6d786b6c652531402d3a304d4d5b5f656c676f676c765f6b6c6c65785f756b6c742d31422532324d4d5b5f646a675f72656c6667705d6d6b726561702533402732384d45535f7176696664637a6c5f6465706b7463766974677b2533422530324f4d515f74657a767d7a655d6e646f61742731402730304d475b5f7465787677726d5d666c6f63765764696c6d69722533402730324d45515d7c6578747570675f60636c665f646e676974273b4a2532304d47515d76657a767d72655f68636e6657646c6f61765d64616e67697a2533422730324d47535d746d727465785d63727a63795f6f60686d6b74273b4a253230554740454e5f616d646f725f627764666d705f666c6d637c2d33402d3a30574540454e5d616f6f727a65737365665d746d7a747572675d697b74612d3b42253232554740454c5d61676d7072657171656c5d74657876777a6d5f677c6b253342273032554742454e57636f6d707067737b67645f74677a7c7d7267576d74633127314027303055474a474c5f636d6f707a67737365665d7c6d78767d7a655f733176612731422730385745424b4b565f5f4742474c5d61676570706d7b7365645d76677a7675706757733374632731422d3030574540454457636d65787265737167665d76657a767d72655f73317663577172676227314a2d32325f4d42474c5d66676077675d706d6e64657267705f616c666f2531402d3a30554d4a474c5f666772766a5f766770747572652731422d303057454049415c5f554d4a474c5f666772766a5f766770747572652731422d30305745404544576470697f5f627564646770712531402d3230574540454c576e6f73655d6167667467707c253342273032554742494b5c5f574542454e5f646d73655f616d667c657a7c2d3342253032554740474e5d65756c74695d66726975313626656e57603d326a38353163636034303a3033363a353563656130613f673534663a356a3034346c3e35353036672475656c743f416e74656c273030416c632e267565647a3d4b667c656c2530324b706b732730384f70656e454e253a32456e676b6c6d2e63616c3532&jb=333d33266c713f4f6f726b6c6c6127304e3d2e322d3a3028576b6c666d75732730384e54253232333026322533422730385f696c3e3c2533422730327a34342b273a304170706e67576d604b697427304e3d3335263b362532322a494a564d4e273a432532306e6b6b6d273230476761636729273a384368726d6f672730463b3426302e343634362e313125323051636e69726b2d3a463533352c3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 13 Dec 2021 13:20:16 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
16xsqggnq67dep25bfcd4w47nhgjrvbuo63ptxzab53cc265f8a4eeb1am1.e.aa.online-metrix.net/fp/ Frame A750 81 B
438 B 57ms
13ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://16xsqggnq67dep25bfcd4w47nhgjrvbuo63ptxzab53cc265f8a4eeb1am1.e.aa.online-metrix.net/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame DF5B 0
387 B 14ms
13ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jf=313e266c73623f31313c316130653a3a3d3a64366e313562393b343161663331333f3237353834

Requested by

Host: ddata.huntingtonbank.com
URL: https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ddata.huntingtonbank.com/fp/ls_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C
ddata.huntingtonbank.com/fp/ Frame A750 0
400 B 16ms
16ms Image
image/png 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ddata.huntingtonbank.com/fp/clear1.png;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jf=363936267369665d7266663d7464705d5e7c465a793b5a5939434a6337557067247b69645f6463766535333633393632393e31342e7b69645f767b72673f776760326563647363247361665f6b657b3f3b38353b3b383133303432353063383436306365336432303039323630383063303e343a6b6d33643031323332353031363a303030343330363b3461656334303a6e633a3a6932313961373664663731673b613536656061393a606437663a343c3130346b30383739646630673a34333630646130376636366a3663656263306b6e363b3c38666564646131666064666169373166376435393e3336653364306c6c3960383134646266353030303163606b353461632471696c5d7369673f31383c35323a3a313030643b366060633a643a3437653531633469373036353261383a39313b6b636263333167343530333038666462313033316a676132373437303834356e6b643930323030323230666731373639313a67303c3b35373364603f3d62336d6a33353637373530333134303f313665636764376d606430366631693b3666306b3065396364316024736b647a3d30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=2A78860957FE464875ED1FBE233480BB
h.online-metrix.net/fp/ Frame 09B1 0
400 B 16ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=2A78860957FE464875ED1FBE233480BB?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jf=363938267369665d7266663d7464705d4d7068697262446c4f36444b4f5b6640247b69645f6463766535333633393632393e31342e7b69645f767b72673f776760326563647363247361665f6b657b3f3b38353b3b383133303432353063383436306365336432303039323630383063303e343a6b6d33643031323332353031363a303030343167323d633463393167313e31676c6d3033613b3b3b313b303b3a3e666464393a36316c633536633a376e6a30346c3a3162353a343a33356564676d383838376763623f3236316461373c6d3836393f6430656335353a6166366030656539336730376b603638323067316d6266316b6638343a3a3564643336666a653266622471696c5d7369673f31383c36323a3a313030673b35666132643b3f393666333260336d3565643936636c3d383b6a6c34343360603536673563663f323964633260346c376533353b633b6931676a3a38613432303033323066336a326266653764303b3236616467363a3e35643b3866633036333636333836633e64383832663b343b3464333231373b3131326b3961383361606733333724716166723d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=28104E83E689E1B49B6D3CC8CDD2A94C?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:16 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
ddata.huntingtonbank.com/fp/ Frame A750 0
387 B 14ms
13ms Script
text/javascript 91.235.132.141
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://ddata.huntingtonbank.com/fp/clear.png?org_id=16xsqggn&session_id=68a01e26596a402c99a299a1d6f6c74f&nonce=b53cc265f8a4eeb1&jac=1&je=3339372626706f3f6e672462617471763573226e6d7e656c2238332c32322c20717c617475732038226b6a6172676b6c6f2a7d24697d64683d616335603b6534673e383163636361366e30613763333b3a3133343b3c366235613133353b3660366c386464343a343038313866653664383b66616c30343539

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.141 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://watlabi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Dec 2021 13:20:17 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
watlabi.com/ 2 KB
797 B 65ms
64ms XHR
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?app=e901f9adc46e5a00;crc=3845949790;end=1
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: / PHP/7.4.26
Resource Hash: 93c44eee16e0a57d26504344ef3d9f847067170e7c3cce2c0588cef7b6186a10

Request headers

Referer: https://watlabi.com/well/Bank/login.php
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:18 GMT
content-encoding: br
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 757
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3 200 rb_55ab56e3-f58b-45f8-a01d-56e2db48866f Show response
watlabi.com/ 2 KB
797 B 67ms
66ms XHR
text/html 185.225.37.76
NETBUDUR netbudur...

General

Check archive.org

Show headers Download Go to

Full URL: https://watlabi.com/rb_55ab56e3-f58b-45f8-a01d-56e2db48866f?app=e901f9adc46e5a00;crc=697130095;end=1
Requested by: Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/rol/Common/scripts/ruxitagentjs_ICA2SVfqrux_10199200831173248.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.225.37.76 Istanbul, Turkey, ASN202505 (NETBUDUR netbudur.com, TR),
Reverse DNS: static.185.225.37.76.ventures.com.tr
Software: / PHP/7.4.26
Resource Hash: 93c44eee16e0a57d26504344ef3d9f847067170e7c3cce2c0588cef7b6186a10

Request headers

Referer: https://watlabi.com/well/Bank/login.php
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Dec 2021 13:20:20 GMT
content-encoding: br
x-powered-by: PHP/7.4.26
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
content-length: 757
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.huntington.com
URL: https://www.huntington.com/generic?sc_site=ROL

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
watlabi.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: d2f5678209ff1ed85e13c16ed76b7168
.watlabi.com/	1969-12-31 23:59:59	Name: dtCookie Value: -70$CT359SV38P3B5QNO3KUEKAEU2A54K2QF
.watlabi.com/	1970-01-20 16:54:33	Name: rxVisitor Value: 16394016146885M7822H79GOCJM857FNK33RJHJ0EKIB1
.watlabi.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.watlabi.com/	1969-12-31 23:59:59	Name: dtLatC Value: 55
ddata.huntingtonbank.com/	1970-01-21 18:35:21	Name: thx_guid Value: 1502dd90e68b46f997ce35a3a66713cf
.watlabi.com/	1969-12-31 23:59:59	Name: rxvt Value: 1639403416238\|1639401614689
.watlabi.com/	1969-12-31 23:59:59	Name: dtPC Value: -70$201614685_761h-vOJAJLOUHTESBRPLVRMNGVVVOLAWCFUKJ-0e0

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://watlabi.com/rol/Styles/Structure/960/reset.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/well/Scripts/hol/hol.device.registration.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/rol/Styles/Structure/960/reset.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/rol/Script/jquery.cookie/jquery.cookie.latest.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/rol/Script/AccessibleMenuBar.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/rol/ensightenBootstrap.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/well/Scripts/hol/hol.device.registration.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/rol/Script/jquery.cookie/jquery.cookie.latest.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://watlabi.com/rol/Script/AccessibleMenuBar.js Message: Failed to load resource: the server responded with a status of 404 ()
javascript	error	URL: https://watlabi.com/well/Bank/login.php Message: Access to XMLHttpRequest at 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' from origin 'https://watlabi.com' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-untrusted, https.
network	error	URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://watlabi.com/well/Bank/login.php Message: Access to XMLHttpRequest at 'https://www.huntington.com/generic?sc_site=ROL' from origin 'https://watlabi.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.huntington.com/generic?sc_site=ROL Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

16xsqggnq67dep25bfcd4w47nhgjrvbuo63ptxzab53cc265f8a4eeb1am1.e.aa.online-metrix.net
ddata.huntingtonbank.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
onlinebanking.huntington.com
watlabi.com
www.huntington.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
www.huntington.com
184.86.103.137
185.225.37.76
91.235.132.130
91.235.132.141
91.235.134.131
147217678b7522d6ddbdadbc6b179afcc97262381b375b8cb4bd499f143fdd81
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e
2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc
3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd
408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
47c75a635e3e39fcfa01365d1b2201b5d497201ebb59274f76a04c7ff5bc4496
4df7d28297b0c363634b72cc639178dd6989e04f5d5df0f9272e541dec7c0ac5
4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b
52295428f1d4d23a3a2e279cc1dacf9b9869b08004da91fb219ac01f48e86938
65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991
70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012
760fa8f3b6a53a51fce23d438181c2050a5500037c7c00b5218b3543313a69dc
88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a
895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36
8f88ccc9f52161fe867030bd08c2ef8ade101cf8291845904c2c80a8afffe7aa
93c44eee16e0a57d26504344ef3d9f847067170e7c3cce2c0588cef7b6186a10
93e5e5ea6830e1b5ca177029fd11e531d670629b9453eb329b901f72089aba79
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
a49c6096f532bdc9afdc5a87a7c0238ef210db3589679a7404b676b205ff6161
ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19
cccac178b67eda4bc83ed24c651f601d6a6de8a888b7adeb0df928c4b3368c33
ccd059bf443725d9a72bca233f1e6493f748b68d94369e4ca282e9e101878676
d2b64e2988cbada618118cbf4024dcb7646d990e7387079ba3ab65f043adad2b
deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505
e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328
e38cf50ffdcbce6fbd997d7488fcdae53e788bd8d59ad7407235d08d14993285
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

watlabi.com Open in urlscan Pro 185.225.37.76 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

56 Requests

95 %HTTPS

0 %IPv6

5 Domains

7 Subdomains

6 IPs

3 Countries

278 kBTransfer

1122 kBSize

8 Cookies

7 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

watlabi.com Open in urlscan Pro
185.225.37.76 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

95 %
HTTPS

0 %
IPv6

5
Domains

7
Subdomains

6
IPs

3
Countries

278 kB
Transfer

1122 kB
Size

8
Cookies

56 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!