www.hometownbanque.icu Open in urlscan Pro
68.65.122.37  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.hometownbanque.icu/	412 KB 46 KB	1181ms 667ms	Document text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash bc4be064e1c3ccb6cbeae63a22125399acaebf3806cd6ce50fe9943626768886 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 46594 content-type text/html date Fri, 09 Dec 2022 19:58:27 GMT last-modified Fri, 09 Dec 2022 15:22:54 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H/1.1	200 OK	Remoteloginload Show response web3.secureinternetbank.com/EBC_EBC1151/js/	897 B 2 KB	813ms 535ms	Script application/javascript	107.162.133.86 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://web3.secureinternetbank.com/EBC_EBC1151/js/Remoteloginload Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.133.86 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash feb0f92a9bbd1b2a099d1c0e4c5a6dc3b74eadd15f74afe77f4100c40b045803 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; connect-src *; img-src * 'self' data:; style-src 'self' 'unsafe-inline' ; child-src *; Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 Content-Security-Policy frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; connect-src *; img-src * 'self' data:; style-src 'self' 'unsafe-inline' ; child-src *; X-Content-Type-Options nosniff Date Fri, 09 Dec 2022 19:58:28 GMT Via 1.1 lon1-bit6 X-Frame-Options SAMEORIGIN Content-Type application/javascript; charset=utf-8 Cache-Control no-cache, no-store, must-revalidate, max-age=0 X-Robots-Tag noindex Content-Length 897 X-XSS-Protection 1; mode=block Expires -1
GET H/1.1	200 OK	remoteLoginLoad Show response web3.secureinternetbank.com/PBI_PBI1151/js/	535 B 2 KB	873ms 584ms	Script application/javascript	107.162.133.86 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://web3.secureinternetbank.com/PBI_PBI1151/js/remoteLoginLoad Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.133.86 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash bab824d761f413cead829bb91421a36884b3f908a5d86438b7df65e8336dcd2d Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:; Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Pragma no-cache Content-Security-Policy frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:; Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 X-Content-Type-Options nosniff Date Fri, 09 Dec 2022 19:58:28 GMT Via 1.1 lon1-bit6 X-Frame-Options SAMEORIGIN Content-Type application/javascript; charset=utf-8 Cache-Control no-cache, no-store, must-revalidate Content-Length 535 X-XSS-Protection 1; mode=block Expires -1
GET H2	404	2020Logo.jpg www.hometownbanque.icu/Images/	1 KB 1 KB	220ms 217ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/2020Logo.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	homepage_FINAL.jpg www.hometownbanque.icu/Images/galleries/	1 KB 1 KB	237ms 234ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/galleries/homepage_FINAL.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	personal_check_thumbnail.jpg www.hometownbanque.icu/Images/Features/	1 KB 1 KB	238ms 235ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/Features/personal_check_thumbnail.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	Business%20Services_homepage_feature.jpg www.hometownbanque.icu/Images/Features/	1 KB 1 KB	238ms 235ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/Features/Business%20Services_homepage_feature.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	Debit%20Card%20Management_homepage_feature.jpg www.hometownbanque.icu/Images/Features/	1 KB 1 KB	239ms 236ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/Features/Debit%20Card%20Management_homepage_feature.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	TrustAndWealthManagement_homepage_feature.jpg www.hometownbanque.icu/Images/Features/	1 KB 1 KB	239ms 236ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/Features/TrustAndWealthManagement_homepage_feature.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	Commercial%20Lending_homepage_feature.jpg www.hometownbanque.icu/Images/Features/	1 KB 1 KB	424ms 422ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/Features/Commercial%20Lending_homepage_feature.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	Agricultural%20Banking_homepage_feature.jpg www.hometownbanque.icu/Images/Features/	1 KB 1 KB	425ms 422ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/Features/Agricultural%20Banking_homepage_feature.jpg Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	Footer-CT-smaller57e6.png www.hometownbanque.icu/Images/	1 KB 1 KB	425ms 423ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/Footer-CT-smaller57e6.png?d=637285243161442471 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	EmpOwned380c.png www.hometownbanque.icu/Images/	1 KB 1 KB	425ms 423ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/EmpOwned380c.png?d=637290304857744262 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	ComFocus56e7.png www.hometownbanque.icu/Images/	1 KB 1 KB	425ms 423ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/ComFocus56e7.png?d=637290304823618634 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	404	EHL2020.png www.hometownbanque.icu/Images/	1 KB 1 KB	425ms 424ms	Image text/html	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.hometownbanque.icu/Images/EHL2020.png Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers pragma no-cache date Fri, 09 Dec 2022 19:58:28 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	200	JSSiteMaster6913 Show response www.hometownbanque.icu/bundles/	167 KB 167 KB	426ms 424ms	Script text/plain	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.hometownbanque.icu/bundles/JSSiteMaster6913?v=8EbquEF1-8CqnTHGNJeH3CQ3wD7xtcmK8vPJ0Y8tLQ41 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 26e08c1e089eba89c800ca777f7b49e12a2121be95f2578b50c5e68296f06796 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Fri, 09 Dec 2022 19:58:28 GMT x-turbo-charged-by LiteSpeed last-modified Thu, 08 Dec 2022 20:49:08 GMT server LiteSpeed accept-ranges bytes content-length 171213
GET H2	200	JSHomePageDeferde7f Show response www.hometownbanque.icu/bundles/	13 KB 14 KB	657ms 656ms	Script text/plain	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.hometownbanque.icu/bundles/JSHomePageDeferde7f?v=Cyd_SEmhE6N1cADchh63iM_RIOH0PFCrHWsV2gZ9p8w1 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 092b402c6186e69f36054f5a3ca52a18f6b066c7e56a92dc4315d3d7771e78ba Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Fri, 09 Dec 2022 19:58:28 GMT x-turbo-charged-by LiteSpeed last-modified Thu, 08 Dec 2022 20:49:08 GMT server LiteSpeed accept-ranges bytes content-length 13800
GET H2	200	WebResourcebb71.js Show response www.hometownbanque.icu/	23 KB 5 KB	238ms 237ms	Script application/javascript	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.hometownbanque.icu/WebResourcebb71.js?d=pynGkmcFUV13He1Qd6_TZH45eKbEzC7UfX9u9Htd-bLiag0K3Bs-l9o0IKID_ChKVlpe1scBbkJvgW7AIYZLFA2&t=637729410440000000 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash de97e6cc4a087932fd9eabebcf3457f02d977d3a687e290389f047c072e357b6 Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Fri, 09 Dec 2022 19:58:28 GMT content-encoding br last-modified Sat, 20 Nov 2021 05:50:44 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 4374 expires Fri, 16 Dec 2022 19:58:28 GMT
GET H/1.1	200 OK	remoteLoginPost Show response web3.secureinternetbank.com/EBC_EBC1151/js/	56 KB 57 KB	121ms 121ms	Script application/javascript	107.162.133.86 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://web3.secureinternetbank.com/EBC_EBC1151/js/remoteLoginPost Requested by Host: web3.secureinternetbank.com URL: https://web3.secureinternetbank.com/EBC_EBC1151/js/Remoteloginload Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.133.86 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 481d1676a7f10545b8a36faeb263acd09e4181b8a5ff93e140fae5398f7b213c Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; connect-src *; img-src * 'self' data:; style-src 'self' 'unsafe-inline' ; child-src *; Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 Content-Security-Policy frame-ancestors 'self'; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; connect-src *; img-src * 'self' data:; style-src 'self' 'unsafe-inline' ; child-src *; X-Content-Type-Options nosniff Date Fri, 09 Dec 2022 19:58:28 GMT Last-Modified Fri, 09 Dec 2022 19:58:29 GMT Via 1.1 lon1-bit6 Vary User-Agent X-Frame-Options SAMEORIGIN Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=31536000, must-revalidate X-Robots-Tag noindex Content-Length 57835 X-XSS-Protection 1; mode=block Expires Sat, 09 Dec 2023 19:58:29 GMT
GET H/1.1	200 OK	remoteLoginPost Show response web3.secureinternetbank.com/PBI_PBI1151/js/	5 KB 6 KB	118ms 118ms	Script application/javascript	107.162.133.86 DEFENSE-NET
General Check archive.org Show headers Download Go to Full URL https://web3.secureinternetbank.com/PBI_PBI1151/js/remoteLoginPost Requested by Host: web3.secureinternetbank.com URL: https://web3.secureinternetbank.com/PBI_PBI1151/js/remoteLoginLoad Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 107.162.133.86 , United States, ASN55002 (DEFENSE-NET, US), Reverse DNS Software / Resource Hash 82fc6fdca0f608870cf813d5e87b63efa492e50bc34b83a782b18c3f29ea6485 Security Headers Name Value Content-Security-Policy frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:; Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Content-Security-Policy frame-ancestors 'self'; default-src 'self'; font-src 'self' data: ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.onlinebanktours.com https://www.splash-screen.net/ https://mpsnare.iesnare.com; connect-src *; media-src 'self' https://mpsnare.iesnare.com data:; img-src * 'self' data:; style-src 'self' 'unsafe-inline' https://www.onlinebanktours.com; child-src * js:; Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=157680000 X-Content-Type-Options nosniff Date Fri, 09 Dec 2022 19:58:29 GMT Last-Modified Fri, 09 Dec 2022 19:58:29 GMT Via 1.1 lon1-bit6 Vary User-Agent X-Frame-Options SAMEORIGIN Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=31536000 Content-Length 4864 X-XSS-Protection 1; mode=block Expires Sat, 09 Dec 2023 19:58:29 GMT
GET H2	200	fontawesome-webfont3e6e.woff2 www.hometownbanque.icu/fonts/	75 KB 76 KB	216ms 215ms	Font font/woff2	68.65.122.37 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.hometownbanque.icu/fonts/fontawesome-webfont3e6e.woff2?v=4.7.0 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 68.65.122.37 Huntingdon, United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server163-3.web-hosting.com Software LiteSpeed / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://www.hometownbanque.icu/ Origin https://www.hometownbanque.icu accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers date Fri, 09 Dec 2022 19:58:29 GMT last-modified Fri, 22 May 2020 23:51:52 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 77160 expires Fri, 16 Dec 2022 19:58:29 GMT
GET H/1.1	200 OK	wdp.js Show response mpsnare.iesnare.com/general5/	41 KB 19 KB	134ms 34ms	Script text/javascript	54.228.71.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=false&flash=false Requested by Host: web3.secureinternetbank.com URL: https://web3.secureinternetbank.com/PBI_PBI1151/js/remoteLoginPost Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-71-178.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 60ababcec6dd5d27d8bd92b29d89ee59e2376ac642345dd4996294816c8757b7 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Pragma no-cache Date Fri, 09 Dec 2022 19:58:29 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip Server nginx Accept-CH ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 p3p CP="NON DSP COR CURa" Cache-Control no-cache, private Connection keep-alive Expires 0
GET H/1.1	200 OK	logo.js Show response mpsnare.iesnare.com/5.5.0/	505 B 923 B	32ms 31ms	Script text/javascript	54.228.71.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mpsnare.iesnare.com/5.5.0/logo.js Requested by Host: mpsnare.iesnare.com URL: https://mpsnare.iesnare.com/general5/wdp.js?loaderVer=5.1.0&compat=false&tp=true&tp_split=false&fp_static=false&fp_dyn=false&flash=false Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-71-178.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash fbd430a6de6835d36e4873e56d4d49394df697c155e38b78b35e20bbf0dc498f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.hometownbanque.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Response headers Date Fri, 09 Dec 2022 19:58:29 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Content-Encoding gzip Last-Modified Tue, 06 May 2014 00:01:40 GMT Server nginx Accept-CH ua, ua-arch, ua-platform, ua-model, ua-mobile, ua-full-version, ua-platform-version Transfer-Encoding chunked Content-Type text/javascript; charset=utf-8 p3p CP="NON DSP COR CURa" Cache-Control private Connection keep-alive Expires Sat, 09 Dec 2023 19:58:29 GMT
GET H/1.1	206 Partial Content	time.mp3 mpsnare.iesnare.com/	504 B 881 B	52ms 33ms	Media audio/mpeg	54.228.71.178 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mpsnare.iesnare.com/time.mp3?nocache=0.11352021238316712 Requested by Host: www.hometownbanque.icu URL: https://www.hometownbanque.icu/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.228.71.178 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-228-71-178.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash 61ed04dbef81e4f6635b2671313e88574338c2f82620c1be2046e76ff387e2b0 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers Referer https://www.hometownbanque.icu/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36 Range bytes=0- Response headers Pragma public Date Fri, 09 Dec 2022 19:58:29 GMT Strict-Transport-Security max-age=15552000; includeSubDomains Server nginx Content-Type audio/mpeg Content-Range bytes 0-503/504 Content-Disposition inline; filename=time.mp3 Connection keep-alive Accept-Ranges bytes Content-Length 504 Expires Thu, 01 Jan 1970 00:00:00 GMT

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| CheckForHiddenFields object| EBC object| args object| PBI object| theForm function| __doPostBack function| SubmitLogin function| PersonalLogin function| BusinessLogin function| LoginKeypress function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY string| io_global_object_name object| IGLOO function| getCookie function| setCookie function| setHrefs function| hideBusiness function| $ function| jQuery object| bootstrap string| SABTitle string| SABAuthor string| iPhoneID string| iPadID string| AndroidPhoneID string| AndroidTabletID object| head object| metaIphone object| metaIpad function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug function| forceIE89Synchronicity

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mpsnare.iesnare.com/	1970-01-20 16:49:11	Name: io_token_7c6a6574-f011-4c9a-abdd-9894a102ccef Value: uk4l2uJRUYszlQHbxsvvoKsmKNKVh94EbbQpJtZXNbo=

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.hometownbanque.icu/Images/2020Logo.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/galleries/homepage_FINAL.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/Features/personal_check_thumbnail.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/Features/Business%20Services_homepage_feature.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/Features/Debit%20Card%20Management_homepage_feature.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/Features/TrustAndWealthManagement_homepage_feature.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/Features/Commercial%20Lending_homepage_feature.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/Features/Agricultural%20Banking_homepage_feature.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/Footer-CT-smaller57e6.png?d=637285243161442471 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/EmpOwned380c.png?d=637290304857744262 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/ComFocus56e7.png?d=637290304823618634 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.hometownbanque.icu/Images/EHL2020.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

mpsnare.iesnare.com
web3.secureinternetbank.com
www.hometownbanque.icu
107.162.133.86
54.228.71.178
68.65.122.37
092b402c6186e69f36054f5a3ca52a18f6b066c7e56a92dc4315d3d7771e78ba
26e08c1e089eba89c800ca777f7b49e12a2121be95f2578b50c5e68296f06796
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
481d1676a7f10545b8a36faeb263acd09e4181b8a5ff93e140fae5398f7b213c
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
60ababcec6dd5d27d8bd92b29d89ee59e2376ac642345dd4996294816c8757b7
61ed04dbef81e4f6635b2671313e88574338c2f82620c1be2046e76ff387e2b0
82fc6fdca0f608870cf813d5e87b63efa492e50bc34b83a782b18c3f29ea6485
bab824d761f413cead829bb91421a36884b3f908a5d86438b7df65e8336dcd2d
bc4be064e1c3ccb6cbeae63a22125399acaebf3806cd6ce50fe9943626768886
de97e6cc4a087932fd9eabebcf3457f02d977d3a687e290389f047c072e357b6
fbd430a6de6835d36e4873e56d4d49394df697c155e38b78b35e20bbf0dc498f
feb0f92a9bbd1b2a099d1c0e4c5a6dc3b74eadd15f74afe77f4100c40b045803