Report - 35.192.38.184/huntington/220213/1/website/

Report Overview

Submitted URL
35.192.38.184/huntington/220213/1/website/
IP
35.192.38.184
ASN
#15169 GOOGLE
Submitted
2022-12-05 10:33:08
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Huntington

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
144

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.3 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
10701487.fls.doubleclick.net	129820	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.4 kB	142.250.74.38
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.218.168.248
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	57 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
35.192.38.184	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	905 kB	35.192.38.184
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	1.9 kB	104.18.20.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	216.58.211.3
www.huntington.com	56151	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	111 kB	23.72.139.65
media-us1.digital.nuance.com	8045	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423 B	740 B	13.107.228.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	1.9 kB	142.250.74.98
cf-images.us-east-1.prod.boltdns.net	4551	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	512 B	152 kB	54.230.111.25
huntingtonbank.inq.com	92998	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	2.5 kB	52.177.241.160
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.1 kB	142.250.74.66
insight.adsrvr.org	631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	643 B	932 B	35.71.131.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	35.192.38.184/huntington/220213/1/website/	Huntington Bank
2022-12-04	medium	35.192.38.184/huntington/220213/1/website/	Huntington Bank
2022-12-04	medium	35.192.38.184/huntington/220213/1/website/	Huntington Bank

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-600_29183793.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Medium_83242404.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Bold_27084106.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-MediumCaps_04829187.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-700_36810083.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-300_31100486.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-down-green_46364764.svg	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-right-green_49321605.svg	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff2	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/lockup_24961966.svg	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/EHL_Black_HouseOnly_80447876.svg	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/logo-honeycomb_94889960.svg	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/sp_12038580.pl	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/files/sp_41506732.pl	Phishing
2022-12-05	medium	35.192.38.184/huntington/220213/1/website/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed
2022-12-05	medium	35.192.38.184	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0	33 B	2023-03-07	2024-02-06
Pretty URL www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:48 Last Seen2024-02-06 23:26:17 Times Seen11 Hash 9ca5125aea992c9e9dc50c0ea3314156 ac052b1cb5969d48e7034603d4d325c810e13521 d675e660355a5d10bb960b285daab5cfa5df4b1ea1076747a793f2815d634200 Loading...

	www.huntington.com/akam/13/632556de	27 kB	2023-03-08	2023-11-16
Pretty URL www.huntington.com/akam/13/632556de IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:47:01 Last Seen2023-11-16 05:08:03 Times Seen32 Hash 750dcdb6aecd5505251b393ca9f165ce 350e315b86ea0ea6b30972c90cd8ef9c0627d888 eba95b33920a729b87c92f7da21b1494af2efd40e193ea7c4cdec7b5c66cf224 Loading...

	www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0	26 B	2023-03-07	2024-04-25
Pretty URL www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-25 14:48:05 Times Seen19667 Hash 813f7afe12806d2df1c685b53ab49c0e 8ebc2ee97e18dd336b670b53dbccdfb8788a5825 ab008176ac77145e392d8392787e81c90c2592a54b1590d8779c74f956c0e46a Loading...

	www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0	26 B	2023-03-07	2024-04-25
Pretty URL www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 14:48:03 Times Seen19665 Hash 8cf91652fc7787b535b26f390f9ed9af d39e49793059ab3b8a97b61bac69ad2a451c8ff2 f876a7b1e6234843f5d8487af055addd42fe6018d4f4e2f29ab08c0f08a85d94 Loading...

	www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0	26 B	2023-03-07	2024-04-25
Pretty URL www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-25 14:48:04 Times Seen19663 Hash 339aaaa033bd435bc3d3442976b21150 309497f761b4649d113688cb611242810ed2a8bc 47536a23eb95f0f1d8f00b6ef54ac4553cc05d06ddce49260dab7dc9f083296d Loading...

	www.huntington.com/ruxitagentjs_ICA27Vfjoqru_10249220905100923.js	208 kB	2023-03-08	2023-03-12
Pretty URL www.huntington.com/ruxitagentjs_ICA27Vfjoqru_10249220905100923.js IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:47:01 Last Seen2023-03-12 17:17:00 Times Seen1 Hash e6726f3e2633e7bb82a447b87941bbb2 6faa99eff243bba8d96be88b7ee0fa855117b5a1 09f0214df121b2049c4180815f859a77a4a985b70b555ad393c3762e73cea325 Loading...

	huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js	5.1 kB	2023-03-08	2023-03-09
Pretty URL huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js IP 52.177.241.160 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-09 02:16:59 Times Seen1 Hash 609fbd6bc0fe3ebbbdb1ce590758d2d3 b731b656d04768b94532edaf1dc67038a3fa583e da65d01dbbfda64a874f36dcc9c6ac3e1a053a21abe17aa0570c74367d615338 Loading...

	www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB	196 kB	2023-03-08	2023-03-12
Pretty URL www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:47:01 Last Seen2023-03-12 21:10:57 Times Seen1 Hash b61f7de6cec194f0a00bdf64b7c3aa14 62b17d0d97ff2c18580f8adc67a8b95a339239eb 0c7b79ba74a86379afcd374b523379e8fa2239d920b9fa130ab4996de7590dc1 Loading...

	www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0	26 B	2023-03-07	2024-04-25
Pretty URL www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-25 14:48:03 Times Seen19663 Hash 0096b3a75c132c10f6a90df56192e4d7 07cfa420d654e1531d97a9dccd23f4bede5edde7 7e519b79026424c478dc1b72f347eb1327c9d01dc2458973bafe2690ca7d016d Loading...

	www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0	26 B	2023-03-07	2024-04-25
Pretty URL www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 IP 23.72.139.65 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 14:48:05 Times Seen19661 Hash 91e37f24be76111b93a0ff728b96cddb e1740ea479e156d424cb918060d779528ecc8fae 49ef43da1c84ec34b398aaab43e8debad168559596297c7586e9c9e8239c79bf Loading...

	media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1669876551218	22 kB	2023-03-08	2023-03-11
Pretty URL media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1669876551218 IP 13.107.228.36 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:47:38 Last Seen2023-03-11 23:52:49 Times Seen1 Hash 069d187b3bcea1b6ab3348fc00ffd4c3 8385739223e796692e02b69f8aa8bbf730864bc6 0c1c11e6d9b00df8a81a816d2f9789c3ad63910f550eb1af108d2f241c77c9ae Loading...

HTTP Transactions (91)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12957
Expires: Mon, 05 Dec 2022 14:08:54 GMT
Date: Mon, 05 Dec 2022 10:32:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:57 GMT
Last-Modified: Mon, 05 Dec 2022 09:02:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14393
Expires: Mon, 05 Dec 2022 14:32:50 GMT
Date: Mon, 05 Dec 2022 10:32:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 10:20:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 762
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: fr7dEbcOf2NmPeERWI6YjDirsc2UIHY8IFqmklQAxI3Rp0J3QKut186EOpMqxQdbHm3xpQ+sR4Q=
x-amz-request-id: 8PFGDBFVDAWW9QMM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 09:47:55 GMT
age: 2702
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 10:32:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

35.192.38.184/huntington/220213/1/website/

35.192.38.184

200 OK

58 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (5848)
Size
58 kB (57883 bytes)
Hash
9efe1852c7156b3ec54d7d68da1c74de
1388fc4880defbf0527b8612634035f59e20d886
3fae5a51644c2ea24c185d80b34b0ae93e4d4291351461896d83faa0183427c5

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/ HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:55:16 GMT
ETag: "4014157624"
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 57883
Date: Mon, 05 Dec 2022 10:32:57 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/site-survey_04492851.css

35.192.38.184

200 OK

1.1 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/site-survey_04492851.css
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (4339)
Size
1.1 kB (1129 bytes)
Hash
cd6cf38d1e941a325f7098a843167016
bcd9b4c5631eb89b59ed103d6dbab4027683c03f
aa2ce96b253f6b3d095d465552c823d229a3e22d4d6c0dfc176c3c8b382998b5

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/site-survey_04492851.css HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:32:58 GMT
ETag: "1358264214"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1129
Date: Mon, 05 Dec 2022 10:32:57 GMT
Server: lighttpd/1.4.45

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 10:11:19 GMT
cache-control: public,max-age=3600
age: 1299
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
8aa079fa427b440b52eaaeafed07c3fa
ba2f81aa311f918fd52f8170f34cee968f98d51d
ec54939728b8d4bf6094525ff14e8e2464928eee46ab884ea76f49ea4107699f

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 10:32:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 09 Dec 2022 07:22:48 GMT
ETag: "ba2f81aa311f918fd52f8170f34cee968f98d51d"
Last-Modified: Mon, 05 Dec 2022 07:22:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1210
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774c1ef3e858b51e-OSL

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-600_29183793.woff2

35.192.38.184

200 OK

17 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-600_29183793.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17080, version 1.0\012- data
Size
17 kB (17080 bytes)
Hash
b6e5b86d74352699fff02e4bdc5185e5
f01de24cfaf2f20e715e4d49023fcb19b1a62d1d
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/muli-v11-latin-600_29183793.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 17080
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5445
Cache-Control: max-age=86678
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:37:36 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?

142.250.74.38

200 OK

267 B

URL HTTP/2
10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (516), with no line terminators
Size
267 B (267 bytes)
Hash
632e9196945296fb833ebbc8cf184b02
20f73aaa4844d71416c0dc4c8fbb6c48cb99a9bc
69abcf27f6557eee46b93cee2db2ee5daab9f794ee7432ccf67276779626ed2b

HTTP Headers

GET /activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F? HTTP/1.1
Host: 10701487.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 267
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 10:47:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?

142.250.74.38

200 OK

297 B

URL HTTP/2
10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (509), with no line terminators
Size
297 B (297 bytes)
Hash
d57bd6816fc9dfb660f8857d60e58216
6134c038ae5adf21c4885465a856738db97fadf4
c2d5aac6e55237bd6e9f4ee6910105399cdf3500293765200deaf1fb0169aafb

HTTP Headers

GET /activityi;src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F? HTTP/1.1
Host: 10701487.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 297
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 10:47:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Medium_83242404.woff2

35.192.38.184

200 OK

20 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Medium_83242404.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Size
20 kB (19976 bytes)
Hash
3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/HuntingtonApexWeb-Medium_83242404.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 19976
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Bold_27084106.woff2

35.192.38.184

200 OK

20 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Bold_27084106.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Size
20 kB (19712 bytes)
Hash
ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/HuntingtonApexWeb-Bold_27084106.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 19712
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-MediumCaps_04829187.woff2

35.192.38.184

200 OK

19 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-MediumCaps_04829187.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Size
19 kB (18636 bytes)
Hash
6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/HuntingtonApexWeb-MediumCaps_04829187.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 18636
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-700_36810083.woff2

35.192.38.184

200 OK

17 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-700_36810083.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 17128, version 1.0\012- data
Size
17 kB (17128 bytes)
Hash
8f65fa68cfb5d8cc4f4fa728a470332b
62b57f937d710caae3ee52435ba0c408e8653c43
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/muli-v11-latin-700_36810083.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 17128
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-300_31100486.woff2

35.192.38.184

200 OK

17 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-300_31100486.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16872, version 1.0\012- data
Size
17 kB (16872 bytes)
Hash
3d9d9afae68fc95977ec200c119c42a1
2b44b2f5ec04f2f06fd28c9041fb8fa582ab8fcc
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/muli-v11-latin-300_31100486.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 16872
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

35.192.38.184

200 OK

54 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65536), with no line terminators
Size
54 kB (54528 bytes)
Hash
69df1049afd0b1501d3257c654c36790
1601e9455202226f7ea4ceb05538e94819dea8bb
5d545e8e15418d75f06d855808b659ced32bb5076443375ad3c6f5166f96d18d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/toolkit_71991539.css HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:32:56 GMT
ETag: "3884264941"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 54528
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F

142.250.74.98

200 OK

301 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (508), with no line terminators
Size
301 B (301 bytes)
Hash
1e56b40cf3b11fa11f61c33718eaceba
6ac138f2236708807cd6ee16ee43262a1a8251a0
092d4971e786ac31bb496d5f60e32e02c0a3f95c1340a6376aea23b94797669d

HTTP Headers

GET /ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F

142.250.74.98

200 OK

270 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (515), with no line terminators
Size
270 B (270 bytes)
Hash
5eb8b15affb9b3432d4349299ae85a16
9e358679accc5b1ff894ef1a5ece33e1562bb503
49b8c4c769879d3e44dd5ba64b5a9e4752126fc84cb43e8f112fcbd63123425a

HTTP Headers

GET /ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cf-images.us-east-1.prod.boltdns.net/v1/static/1317241590001/f363b6f1-da34-4475-a6ac-ce608f8e2449/7f46be4e-ea4a-4d1a-ac3f-d9db56063886/1280x720/match/image.jpg

54.230.111.25

200 OK

151 kB

URL HTTP/1.1
cf-images.us-east-1.prod.boltdns.net/v1/static/1317241590001/f363b6f1-da34-4475-a6ac-ce608f8e2449/7f46be4e-ea4a-4d1a-ac3f-d9db56063886/1280x720/match/image.jpg
IP
54.230.111.25:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
151 kB (150996 bytes)
Hash
da5b860911648a188fc910e30660eb9e
2fbd340381467f40bfb6da2d4998f5150d72189e
cca61104161d52fd05f2f822929e49c597e66756ffb62ec5d868281e2369c08d

HTTP Headers

GET /v1/static/1317241590001/f363b6f1-da34-4475-a6ac-ce608f8e2449/7f46be4e-ea4a-4d1a-ac3f-d9db56063886/1280x720/match/image.jpg HTTP/1.1
Host: cf-images.us-east-1.prod.boltdns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Date: Sun, 04 Dec 2022 12:37:14 GMT
Expires: Mon, 04 Dec 2023 12:37:14 GMT
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Powered-By: BC
X-Powered-From: gantry
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jnX7YoJDynUOrRrLsWgA4JIPkZRw5_Km_H95kBzwGcRbkOXsvNGu4g==
Age: 78944

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

35.192.38.184/huntington/220213/1/website/

35.192.38.184

200 OK

58 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (5848)
Size
58 kB (57883 bytes)
Hash
9efe1852c7156b3ec54d7d68da1c74de
1388fc4880defbf0527b8612634035f59e20d886
3fae5a51644c2ea24c185d80b34b0ae93e4d4291351461896d83faa0183427c5

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/ HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:55:16 GMT
ETag: "4014157624"
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 57883
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-down-green_46364764.svg

35.192.38.184

200 OK

289 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-down-green_46364764.svg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
289 B (289 bytes)
Hash
5d142f7b5b1bd63965598deb8a43f60a
d3699c8e652ac1dbdd37f819a3c23dde84a9a66e
6a50365e1744a0adc31601958c180b31b8b64c5e99e85e6e568cef0d14f75785

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/icon_arrow-simple-down-green_46364764.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "1051321387"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 289
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/west-broad-elementary-kids_44565318.jpg

35.192.38.184

200 OK

32 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/west-broad-elementary-kids_44565318.jpg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x308, components 3\012- data
Size
32 kB (32055 bytes)
Hash
dc55374efaafedc5193b9f4c57e8f1a1
3dd9bd8ce4d6ef2eb8cd882ed580d57fc6991393
0dab592cbf8f71bce76059647380cb6e82ecb8c96b0e2d45c271563af101da3f

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/west-broad-elementary-kids_44565318.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "4044916578"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 32055
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-right-green_49321605.svg

35.192.38.184

200 OK

274 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-right-green_49321605.svg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
274 B (274 bytes)
Hash
745b0c42a1091e7075fb9ba40cf231f2
2e535ed262673c84da3ec9fd17966d2d31811a05
4bfb3a12a7c28c3169ba75f5d0991808291a68ce3ab73a639f56aca1dd6826bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/icon_arrow-simple-right-green_49321605.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3369047043"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 274
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

push.services.mozilla.com/

34.218.168.248

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.168.248:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5zeABK2IV53SpPQDbTndvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yzjaJfwI6Db2WwsyVFx8IUyikiQ=

35.192.38.184/huntington/220213/1/website/files/columbus-urban-league_14920934.jpg

35.192.38.184

200 OK

38 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/columbus-urban-league_14920934.jpg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x309, components 3\012- data
Size
38 kB (38135 bytes)
Hash
c387f7385b09799a1ed335ea997d838f
ef5c0a09094bcc0184b3445846146bfd844a880f
8dd84ba8c46c05c00cc9ee5ca020b95f976a0087cc3a70253bf3ff561ea66c3a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/columbus-urban-league_14920934.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "156796387"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 38135
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c0f2e44653544c31b236ab7bc136755e
334bc8c6fb8f449d245fbb6df33d7e7224d9bc24
c26c25c109ed5252473c1e29aae168cb8ea5de6a0094ecce4662f9540d11a0d6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3196
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Last-Modified: Mon, 05 Dec 2022 09:39:42 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

35.192.38.184/huntington/220213/1/website/files/pelotonia-06-opt_56326510.jpg

35.192.38.184

200 OK

82 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/pelotonia-06-opt_56326510.jpg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Size
82 kB (82226 bytes)
Hash
cd27928909fc074b62df26d22c6956c5
c135cb073ab1e740521c15d6fb5a0ad46150b40d
e7810f626da1d10dda8269c9183bab7b90be6ff348a9a39b28d415287986a288

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/pelotonia-06-opt_56326510.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "542695269"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 82226
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff2

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff2

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff2

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff2

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F

142.250.74.66

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Mon, 05 Dec 2022 10:32:58 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff2

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff2
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/lockup_24961966.svg

35.192.38.184

200 OK

4.0 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/lockup_24961966.svg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3955), with CRLF line terminators
Size
4.0 kB (3960 bytes)
Hash
0e065e04a552548c4cedeee81d6411cd
0b5217b34772eb85f315d25991fd17df5c56eaee
38c973e72b29d0c5f054034abecb6f92d1f30fac5aeeb5d0300de1cce156ade3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/lockup_24961966.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "4000015123"
Last-Modified: Sun, 13 Feb 2022 11:33:06 GMT
Content-Length: 3960
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fwww.huntington.com%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1644744752980&td1=pub:%20home&td6=16454304553439677531308654393142070127

35.71.131.137

200 OK

670 B

URL HTTP/2
insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fwww.huntington.com%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1644744752980&td1=pub:%20home&td6=16454304553439677531308654393142070127
IP
35.71.131.137:0
ASN
#16509 AMAZON-02

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 5x5, components 3\012- data
Size
670 B (670 bytes)
Hash
310c5a975e5141af4bcbbefd93fde28e
0321b1d121d2827ee0367f541ba7b448c51ed244
74bc22b92ce09cb6053e748724431981ba4db6340e454a5b59fa8672837eb92a

HTTP Headers

GET /track/up?adv=l6jmegy&ref=https%3A%2F%2Fwww.huntington.com%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1644744752980&td1=pub:%20home&td6=16454304553439677531308654393142070127 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:32:58 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2

35.192.38.184/huntington/220213/1/website/files/Trophy_Mobile-Banking-App-Regional-21_Huntington_47406314.png

35.192.38.184

200 OK

43 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/Trophy_Mobile-Banking-App-Regional-21_Huntington_47406314.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 348 x 183, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (43237 bytes)
Hash
70118ce336f07dec7e39798f14dd1f4e
6bdff0bf22662d925c3500dd5e85b10cc1be7006
80fd0dc8a1be6df4a7e26bb401f8ebb44f2b8981b549d03fcb3507bfa33bff31

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/Trophy_Mobile-Banking-App-Regional-21_Huntington_47406314.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2419638030"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 43237
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/muli-v11-latin-600.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/muli-v11-latin-300.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/muli-v11-latin-700.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff

35.192.38.184

404 Not Found

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-top_43083073.png

35.192.38.184

200 OK

9.5 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-top_43083073.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 860 x 304, 8-bit/color RGBA, non-interlaced\012- data
Size
9.5 kB (9533 bytes)
Hash
02bd3a14dd7a21be6cded613f71c1cce
56e31e0c9fc2ab7ba7de58114f74a62193c2253a
b7f59e660d1882d6346d721a458b9b347190c85be1847245252fae6fb225a52d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/hex-pattern-small-top_43083073.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3217711215"
Last-Modified: Sun, 13 Feb 2022 11:32:52 GMT
Content-Length: 9533
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-bot_83492287.png

35.192.38.184

200 OK

1.7 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-bot_83492287.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 814 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1709 bytes)
Hash
e275909623f8a06dea733b9f50d68189
ee712255204c913c4adb9a2a9cd0f9ba9971ea8c
11c468e07fa0178954d85e2789a16c1c3d4d1b55ab5ca9f86f9f6512d1136b93

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/hex-pattern-small-bot_83492287.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2328650347"
Last-Modified: Sun, 13 Feb 2022 11:32:52 GMT
Content-Length: 1709
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/hero-female-with-confetti_55015499.png

35.192.38.184

200 OK

180 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/hero-female-with-confetti_55015499.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
180 kB (179897 bytes)
Hash
2187b23b6fdb0bbe8ce8ab47e0199f52
2006aa5547098682ca49287d380420a51298bd25
42df659c62e04d0964d843d4f6d8e55b8a2f66ea49317375d92f074819504116

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/hero-female-with-confetti_55015499.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2988844358"
Last-Modified: Sun, 13 Feb 2022 11:33:06 GMT
Content-Length: 179897
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/hex-pattern1-flipped_26727345.png

35.192.38.184

200 OK

28 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/hex-pattern1-flipped_26727345.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 1258 x 548, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27631 bytes)
Hash
52243d2120512a450edb610809ae03f6
c66bb8411e013d58daab2450702509e3a7035aa6
bdf5e368896137ecfd831ce0367f9168456c7fe489bde10dd38bba14e12263dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/hex-pattern1-flipped_26727345.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "249073641"
Last-Modified: Sun, 13 Feb 2022 11:32:54 GMT
Content-Length: 27631
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/community_36982493.png

35.192.38.184

200 OK

30 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/community_36982493.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 348 x 183, 8-bit/color RGBA, non-interlaced\012- data
Size
30 kB (30345 bytes)
Hash
97ca3b87b1b42890effff5bdfef7ffde
0dc154eb7d50aad069bd768c2c09cf06ed9037ea
7e0d82e4b953501b4f3637afabcc98b55a701b14aa06a0910c3f8553d59e51f8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/community_36982493.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2042136527"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 30345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/jdpower_65826443.png

35.192.38.184

200 OK

14 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/jdpower_65826443.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 348 x 183, 8-bit colormap, non-interlaced\012- data
Size
14 kB (14045 bytes)
Hash
5bedd3128543751090a0e7c5da9deeeb
e79270fff7df7e49003f251092845b7ea1b6be81
6dd3f660b379050f9ed0d6518f0f68775ba704ae50c031714cdf9084f9f45be0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/jdpower_65826443.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2096666313"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 14045
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/oo_icon_retina_black_95761852.gif

35.192.38.184

200 OK

552 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/oo_icon_retina_black_95761852.gif
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 18 x 18\012- data
Size
552 B (552 bytes)
Hash
0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/oo_icon_retina_black_95761852.gif HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "3945188395"
Last-Modified: Sun, 13 Feb 2022 11:33:06 GMT
Content-Length: 552
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/EHL_Black_HouseOnly_80447876.svg

35.192.38.184

200 OK

764 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/EHL_Black_HouseOnly_80447876.svg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
764 B (764 bytes)
Hash
842c50db22ce317c9fdd556a89a56ed7
16618234768512011cbfa25fbe4a2058182c2438
35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/EHL_Black_HouseOnly_80447876.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3626621961"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 764
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/logo-honeycomb_94889960.svg

35.192.38.184

200 OK

862 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/logo-honeycomb_94889960.svg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (859), with no line terminators
Size
862 B (862 bytes)
Hash
d2196bd473b3068bf6a2039572174d75
1014cf0ecf71fc1eecffb0052397a918e60946f4
fab5a7680cedf011da8f0363b4a4d58a7adbdaae881af4034ae00f0f7231e792

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/logo-honeycomb_94889960.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3687838741"
Last-Modified: Sun, 13 Feb 2022 11:33:12 GMT
Content-Length: 862
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/image_67912096.jpg

35.192.38.184

200 OK

119 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/image_67912096.jpg
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
119 kB (118859 bytes)
Hash
2c9bc89ecb5363ed1f8c91cbe6ce1295
e21a3853a326b88afcb129aa902631141e18bf1a
485763ef80614bb7b81df7824499f2450008c025aba08b04fde41897dee441b9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/image_67912096.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "2099647716"
Last-Modified: Sun, 13 Feb 2022 11:32:52 GMT
Content-Length: 118859
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/hex-pattern2-flipped_28513564.png

35.192.38.184

200 OK

25 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/hex-pattern2-flipped_28513564.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 1258 x 544, 8-bit/color RGBA, non-interlaced\012- data
Size
25 kB (24762 bytes)
Hash
e18615cf9ea2000e6c0be17c72ef7fcd
8a15d2af131574032cf5ab4c6bec9dea2984b565
dc5981d227feba716e80a78e85238235c69eed241e0cf0995b042457552bfe14

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/hex-pattern2-flipped_28513564.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1385729835"
Last-Modified: Sun, 13 Feb 2022 11:32:54 GMT
Content-Length: 24762
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F

142.250.74.66

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:59 GMT
expires: Mon, 05 Dec 2022 10:32:59 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

35.192.38.184/huntington/220213/1/website/files/sp_12038580.pl

35.192.38.184

403 Forbidden

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/sp_12038580.pl
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
029ae44b379d08114259b850f45de150
95b397b22a1424917656337ad39f0264c9c22f75
1a17a5e27c658004e3900653663f22969eaf852fa54d89488fbf3cfee29774d1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/sp_12038580.pl HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/sp_41506732.pl

35.192.38.184

403 Forbidden

345 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/sp_41506732.pl
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
345 B (345 bytes)
Hash
029ae44b379d08114259b850f45de150
95b397b22a1424917656337ad39f0264c9c22f75
1a17a5e27c658004e3900653663f22969eaf852fa54d89488fbf3cfee29774d1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/sp_41506732.pl HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0

23.72.139.65

200 OK

806 B

URL HTTP/2
www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (667), with CRLF line terminators
Size
806 B (806 bytes)
Hash
852ae132940505f4633bd1a4082afcfb
d5ef1efd526ffc33b1e414822c16a09004f66c43
b3e9fa00bb00cb6324fd33c108752978574a55d9c91d58f7e7462288b764bced

HTTP Headers

GET /nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "0d42de2dc28d81:0:dtagent10249220905100923HoHr"
last-modified: Wed, 23 Feb 2022 17:43:35 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
x-ruxit-js-agent: true
x-oneagent-js-injection: true
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1439984110"
x-ua-compatible: IE=edge
x-akamai-transformed: 9 854 0 pmb=mTOE,3
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 05 Dec 2022 10:32:59 GMT
content-length: 806
set-cookie: dtCookie=v_4_srv_7_sn_23E1DB9394FD6F1BF74A430A2F6664EF_perc_100000_ol_0_mul_1_app-3A0bd76d7cc9264013_1; Domain=.huntington.com; Path=/;
BIGipServer~PROD~p_eas-www2.lb.dmz.hban.us=rd30o00000000000000000000ffffac1705ceo443; Path=/; Secure; HttpOnly; Secure; HttpOnly
_abck=CF73BEACC15F601E37195ED96C280174~-1~YAAQPYtIF5rMWsCEAQAAsZjY4QmzZ5WRFtK7YkNduYreL+Vsevt2BLWRpNgeeDAumyI9U2ilp0ISN105upk0oGKc8PpgpNyR5IEuVBZ3tZbfRF/0Rsqdgf8UD32keGz2yBuJETCkQ7BhDgbq8UryjaBH0EjB11HF0C+YmPuczBHCSbnCJxtXxy8TBGDlq943Rc1iKw6VhDbQAMtVHRepaAytXOEiPyhQ3Zdm7n+pWF9DX5XYZ5GQNdC7dcjamrmfUDaDvLXN1xiof8xt32e+l66Rl5L36tWAq3iy61RUZlB2F9EoxwY6quSVtDy5SLLNvCH9ZIW/Utl9MAqesTDmMUXqoL9ZsmPgG8ii5ozF0S9s8jzUgBkWapn7uXbcNPOdXQ==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:32:59 GMT; Max-Age=31536000; Secure
ak_bmsc=4C1FCB566A3757191307060D4B2AD73F~000000000000000000000000000000~YAAQPYtIF5vMWsCEAQAAsZjY4RLbueplzpF6wy9qIU04u4o7k7xPFe1NOrhFoyWIRvdextX+r/5WHM9qwp24hs+mocpLhVVmGAeu8WMPB8s/e1UcX0ZCHoyJoJsx4LnLti25TJWWTFbWbflMEP2GQmXGlytDQsJdAUCUowrQC+j+ilRh6CsDhBAkM1sx4P8e6gLwKkrBy7pWs9UFdSTm0mF3hgf7IGamnVde7Ekqi2q2kULr12X6B0TLyHb9GRHor9jup4n7f4ZqJlDVNo2GeN9Fr4cRLe7CYmPCEv9xzn3XiC9ZMb8A/twrFbUuWv4EzMainauKwtZjzJAxMCJlGAOyuAFYn+7wMl5nxSK9pK9czvRgk+ekMFy6k+JqaX0M+M5/NFuezxhWq14bsQ==; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 12:32:58 GMT; Max-Age=7199; HttpOnly
bm_mi=EE94CF01A38B7AEF1216AB53856742AD~YAAQPYtIF5zMWsCEAQAAsZjY4RL6qyR4NMvl/EYhE4RoQ3WpV01D2rJsLhp+mL4KL11SWiTWNHmmby8LTpwDapnJ2N/mYOTbP/+EzPP4IovyMadCSrOdnXNSPHCvRn3c43xEmv/jVL7M4cGD/H9m02GKllWXC8qZpIC8h2DhZ9aQvXPnM8fOjoHljp0PMAJ74Xmn1WO1ZHDuAppzFr/Yp4yFNTQNhMRNt494whpDhay+kAHMuouoIsiScKj/O7RhNRmNmnAj2wNnjIAzQ6j9CSKPx0IhC2qBe/XiiKjjFWulo+weu6oN80r+4e77FpPLxuUSwBOcTxCixxeADhjCKqAjV6RPVgYm~1; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 10:32:59 GMT; Max-Age=0; Secure
bm_sz=5F7C1559C2689048D2FCC41612219EFC~YAAQPYtIF53MWsCEAQAAsZjY4RI6yK4vDfwdfPra+72AzqJaqR5gRjFz1KzCUxc1AG3QM4wNwjwytWNqGnZOZsF+jbcm6hfv3Lfry1WIXXLBQBE0zVOJJtoQseBhcV8vIsfHXGZ7U/GnkRrQeJdVV8isuoP3sqzKlUIKBdkC7DNy8/YZ6j5U/f2oFZOBiK342QT/Z+pVT+bax+jF9aJvG3NI3q+kKMX9OkbEYNfigQAJpBkxaoANespbTGQ3nSa14T422/nKz9xKPwIPYZONYD9a4H1roTtXx6V+ElxqX/2XxCohxW0o~3159619~3556934; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:32:58 GMT; Max-Age=14399
X-Firefox-Spdy: h2

www.huntington.com/ruxitagentjs_ICA27Vfjoqru_10249220905100923.js

23.72.139.65

200 OK

90 kB

URL HTTP/2
www.huntington.com/ruxitagentjs_ICA27Vfjoqru_10249220905100923.js
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (2058)
Size
90 kB (90360 bytes)
Hash
42d008db9f7da8ff48a7fcaff74bdcc1
e3af6f4db8b9a13160e5f07b6a6ccd43f484d113
ae8486847e63cf122a7db6b034249608903d72650f11f715c6e6dd1a2fb89581

HTTP Headers

GET /ruxitagentjs_ICA27Vfjoqru_10249220905100923.js HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript; charset=utf-8
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 90360
cache-control: public, max-age=2397399
expires: Mon, 02 Jan 2023 04:29:38 GMT
date: Mon, 05 Dec 2022 10:32:59 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

35.192.38.184/huntington/220213/1/website/files/apple-touch-icon-180_31130753.png

35.192.38.184

200 OK

2.5 kB

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/apple-touch-icon-180_31130753.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
2.5 kB (2456 bytes)
Hash
b043b99ce57394e885a47758ebcc0711
f8b730760b2ca58d1e965dd3417505cef5758e69
f218c3bf79301cb22d90485e8757b99bd3f9ba3973811d7bfdd4b82d76d76ca3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/apple-touch-icon-180_31130753.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3702481743"
Last-Modified: Sun, 13 Feb 2022 11:33:00 GMT
Content-Length: 2456
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

35.192.38.184/huntington/220213/1/website/files/favicon-16x16_01348987.png

35.192.38.184

200 OK

629 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/files/favicon-16x16_01348987.png
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
629 B (629 bytes)
Hash
b3edcae46fea41cde6b830ecfe7f89e4
f031fd0f0050d9601254e35eecb6d573585418f9
5c838bb93e9d85d3badb18e708a16a8287505922eada63ed4fb7495eaefb0a17

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/files/favicon-16x16_01348987.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/

HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2662004163"
Last-Modified: Sun, 13 Feb 2022 11:32:58 GMT
Content-Length: 629
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10396 bytes)
Hash
24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 44998
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6886 bytes)
Hash
f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 28066
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6827 bytes)
Hash
1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:50:04 GMT
age: 20575
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12830 bytes)
Hash
5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CYvQg9Tc0rQB9_DoDW4RoLx2GEdMSEaXViCY3qXbijd0P5mMSZWE6Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:28:22 GMT
age: 25477
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 45618
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 45611
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.huntington.com/akam/13/632556de

23.72.139.65

200 OK

8.8 kB

URL HTTP/2
www.huntington.com/akam/13/632556de
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (14360)
Size
8.8 kB (8798 bytes)
Hash
45a2a90b3090598e5b2bc454ad9ce9fe
5b40d468fcc788ec90da67e1f1ba2ccfd9db79fe
659136c4f8d9db82c1a09c47db0eb5be5c9925d72989cb3a85e8e9fdd6a9b55b

HTTP Headers

GET /akam/13/632556de HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 09 Feb 2022 15:06:50 GMT
etag: "09c87484c5f2be9b0a608409a65636e6484e65ae14f73fcfc3a1dfb2c07040bd"
content-type: application/javascript
content-encoding: gzip
content-length: 8798
expires: Mon, 05 Dec 2022 10:32:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 10:32:59 GMT
vary: Accept-Encoding
set-cookie: ak_bmsc=8FE9C05AA3AD31453DDDBC1690597573~000000000000000000000000000000~YAAQPYtIF93MWsCEAQAACpvY4RK/x4igh1ujGakGEzhj7TV3q5CeRNJ44qC9UzTPsNvclIDryN76U1XQp2llsZmBHfS6qwgSVposw46lIoRippR2xqKQU7lQUK7ahvwOyxbKeJ4YaR3Wr+hhVTaafGPbW05dKPKzJ8c4QSm/qwndgGshgzFlz1RQbjEXYfCmWoR0rY2uHCuVmtb7tnUMO58p9JiLh9WCgx42c1Z4TfANVpuPlT0YLiBKoQ7spSgcvQicBx5RGvj8XYWhGY4N9VCazBLa8qW3I5F49WDCjJjkYBsRhZqHeZGwXxnExUuKlZQkO7wSSZLshreH5nRXLKZtsdtqY0avB4BaHn7CAPgCEnuVup0YFjn4pcUZbK9hSRk6/0POLihkoCGwXxu7ScOim29dyd6BR8w1lnITL09rLla3rvyPoRQ4KxwPvP1uGa94VkrW3DRMFKBkl6jQ58OHNNFzfRjmqitsxOFIpt/kGA==; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 12:32:59 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

52.177.241.160

200 OK

2.0 kB

URL HTTP/2
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP
52.177.241.160:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1021)
Size
2.0 kB (1974 bytes)
Hash
6bb8153783efa9d79386ef1fd0b5d20a
b7b6f3bc8f05161166c883cedfba33d119761430
558588effb92606a76ebe3b5f006052f7021b461715225a613452546ab7e9995

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.huntington.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:33:00 GMT
content-type: application/javascript
content-length: 1974
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: no-cache
samesite: Strict
etag: "7LnUGa92njb"
last-modified: Thu, 01 Dec 2022 06:36:04 GMT
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2

www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB

23.72.139.65

201 Created

18 B

URL HTTP/2
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

HTTP Headers

POST /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2090
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 201 Created
content-length: 18
date: Mon, 05 Dec 2022 10:33:00 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.huntington.com
access-control-allow-headers: Content-Type
set-cookie: _abck=63423806B808F2D9D03E6FE3DA393F02~-1~YAAQPYtIF+7MWsCEAQAAjZzY4QnQHFeSq2PWHao5xMD9trZBTsD4muug6dARQfegUkH01Bk0Hh535Qp+JwBLY5nHRodIuduBtfxmlZa+xd3Ukl1Sw5Fysd6flc8MdVHiR+V+TU4rN0YUaYXNAVYVbSrGi6MfLNW1Tir/pfPQsN9DT+/HGhwMJh2eGXkCFgPCcLK7XJcspYXVseha1P1AgzefG2muDNafgbtdfY7fXZWHtCPWIDgmocsOkO1y+gtSWD40Et0Ws+DWLzkodSLmwaLcB5rptTenxKlQ+i4jwDLzeskf4RbsiLcC0d1pAuUHl2BoLMa1bZCLDMPUeU3y3vCxvbYUxMXMeZUxbxMSZRoVRdHplSar9zE8z/rrSrBlMA==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:00 GMT; Max-Age=31536000; Secure
bm_sz=BDEBE17B3F5E6A82E51F4F447D1ECF42~YAAQPYtIF+/MWsCEAQAAjZzY4RJt0fPQQ32JyiQLU1s0IlTHWzs9sSZwF2cRsVXV78EP4uH/kMcZGCGSW3OU3ofxFvzEVSoMAANq0fZgmudH+jlskp/ltbkivRQVvPNhhGfoFLLGEC89BiCtWkFDtMHyw2miLMGqKS/wUTEVOcMXROD/e7W3wlhE+ViBG8P1Eo1DfN53J+LrBPYpfxhPVwibaEHLYuWfywfDr/d++xrrYpeERygLyQPxV00EghgwSqGSUm1sf3ZLOKV+XtfJvbkWiVrdiBGiV9Zu2xOPlPzlim6noWgk~4272198~4601156; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:33:00 GMT; Max-Age=14400
X-Firefox-Spdy: h2

www.huntington.com/akam/13/pixel_632556de

23.72.139.65

200 OK

0 B

URL HTTP/2
www.huntington.com/akam/13/pixel_632556de
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /akam/13/pixel_632556de HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: application/x-www-form-urlencoded
Content-Length: 2672
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Mon, 05 Dec 2022 10:33:00 GMT
set-cookie: ak_bmsc=5BBB32B700C69A78E10BD538EADE6789~000000000000000000000000000000~YAAQPYtIF//MWsCEAQAAmp7Y4RJGPSF3JkjqcLSBZld3h6w8pE7f81Y1M9lC3Goz4DOOOWg2tS9x2rmaJQHs7O8RWRe8yYnl+45D6GI7wB9CPGvh/V0tcZPuzyEdLOtsvw52aH697U7RC48EzIzxlO/swNGLSgClrSy26d/jza50RnuxlsSPhDJ2r6g20Bg0ljH+76ByaoNklCfLTU0oO9MoadDLlaQhiujsFZOAoHISBedbIOGRAoHxfcB3U7WCK54SDU+qcXBcuYngt0EFGnZ/+bi4MBr9UmFIMdcOHgW/rTKXAqfm1heExr6jM4qe2j6zWie/1BYBAEZtHoRBV9duOMH10iHazqQgROVEXSWxgOODh30jNWyYFRClPjGQSpq07Yuc7VOhIJZBGXIeEcka9PySzRc3TypO7a8eUs8UcOwScjffmr8nNH9iHRHilLz8Q8hS3Hxc2G71; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 12:33:00 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2

www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB

23.72.139.65

201 Created

18 B

URL HTTP/2
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

HTTP Headers

POST /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2690
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 201 Created
content-length: 18
date: Mon, 05 Dec 2022 10:33:00 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.huntington.com
access-control-allow-headers: Content-Type
set-cookie: _abck=CADEEC1CBAEBBF636F61003D88990065~-1~YAAQPYtIFwDNWsCEAQAAqJ7Y4QlGKl0CRNLq3o7cO/yy8ZevLRxDmRnvw7d450t5KnJscCZUj/qvde/LmP8OIoK96PWe8WrLiPbvOCA8MAc47IckAuHE4zjk6C6gqnFDl/tZlrVFWx+4qpEA8NEXtN1e9A3vUmPB0M9r0fS7fZrElUxgfdOMFNq/yWAzRxUiWVZNwD3Ldd8mVWSZlHQDQ7vvjyJVwgqx1DBvDZ1MNrWTQK192qKNmDE42v+K1PNDvb6MNgkPIH3TRRZxc/22plh6iERE9fNC8Vy8lp+O6Q5N2TjSFDcwAECgPhLX86oyo/VvEq2r7yaQGUTuZnSq7xeRjyFdu4lkw28twt3UuLEie5JLl9Q3qQllMib0F7MAiA==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:00 GMT; Max-Age=31536000; Secure
bm_sz=2E933D4D04D644AAB72EFBFF1A22114D~YAAQPYtIFwHNWsCEAQAAqJ7Y4RIXTCNE+QkGe0AQCifsKjtSsuWLaczpwMMhtSTFqfkosgtysCHKe97T/YkJTSJgIoNFi6amRLslz8t6ahBv4be0HKqTc0zpRiqiP+/qlY3CCQ9A47p8kEngqve7iw8o8I+MBQi7/x1AcV9L07lSPhaa5iXpL+3Tsh961DmC+pEnfTs4Gbw3Sh4sJOdjtcwwsPvlwD8/HbdnpyDbLhCoODJktdRvaCe4q2TuYj+j7b934jdspFtpTpqc1t1EyCqpKTUJ0e5jJ92uFKX9UTSYJK71hf48~4272198~4601156; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:33:00 GMT; Max-Age=14400
X-Firefox-Spdy: h2

www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB

23.72.139.65

201 Created

18 B

URL HTTP/2
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text, with no line terminators
Size
18 B (18 bytes)
Hash
d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

HTTP Headers

POST /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2688
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 201 Created
content-length: 18
date: Mon, 05 Dec 2022 10:33:01 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.huntington.com
access-control-allow-headers: Content-Type
set-cookie: _abck=2FDB69215A3E5AFEE4408BA3ABE29779~-1~YAAQPYtIFxHNWsCEAQAAjKDY4QlP9EVvjdzhNSNO4Of72hXzuox/CBPlKlHSfEnrHD62lXdA0tlF0qCUc5ro3dbvVRf2Y2VNYH4Q/zlFo0q6nevrEkJ9F8QA6LGbNuG030dpkzj0vzNOH95Enzn4HXBFuocTV7SvQgr/s0zVg7rYI4O08prr4Cb+Kk+SW/BHy6WKVrp+hU8bBZdaMV07O0iRLjR9KVpaP2Bcedv1HGp/1MifiExa9uSss7eA8k7HzcFgKaR4Ww5UoTzQvPcOS0YrE24S3C27qmsEzxYwXiobWCb34h+6VotVmTSWjaQOHsYU5/7DTS8siMv98+8KDVyDXA0fldboXV1QaGstJHBexXQiOhJY9jXzrOIjtocYGw==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:01 GMT; Max-Age=31536000; Secure
bm_sz=4F30714E01779D93431B5C2AAA150001~YAAQPYtIFxLNWsCEAQAAjKDY4RLTjiT35vLwl8Kti/kPzqYNLOU19a+J3yRZxJYpEukQ0iU/j79BPrge+lPCw+IdgSsjhkronCjkFzqZYo48oGz8h9iEQCkkexWgd0SL6lIcNlvQs3V2BIaAvci06XNr87+5/KnzeUgI3EzEm3XRwlt9fT1Aa/8wZeub+El/S9UelMabG39E039xHJ9DwJvSLHkMvYO6VJgETtWWNn5oqzGuVilHBsUern+KfvnkcsJIWps0yySKv/4fUUAE/eNiu2RSnnbV8jfbmCqUZlQIK1zmvgdP~4600897~4534854; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:33:01 GMT; Max-Age=14400
X-Firefox-Spdy: h2

35.192.38.184/huntington/220213/1/website/

35.192.38.184

200 OK

0 B

URL HTTP/1.1
35.192.38.184/huntington/220213/1/website/
IP
35.192.38.184:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /huntington/220213/1/website/ HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:55:16 GMT
ETag: "4014157624"
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 57883
Date: Mon, 05 Dec 2022 10:32:57 GMT
Server: lighttpd/1.4.45

www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB

23.72.139.65

200 OK

0 B

URL HTTP/2
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP
23.72.139.65:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 15:58:55 GMT
etag: "93eab3a0bb65580813c7bd658963fe649b396249081ec8ae963c7388b973964b"
content-type: application/javascript
content-encoding: gzip
expires: Wed, 04 Jan 2023 10:33:00 GMT
date: Mon, 05 Dec 2022 10:33:00 GMT
vary: Accept-Encoding
cache-control: max-age=21600
set-cookie: _abck=5A776F4BE1665CEF2B79517BE2B9F829~-1~YAAQPYtIF+jMWsCEAQAA+5vY4QnGoDYmGmmsBdkXyl9iaN1N97wd5FM5FbTuG5FHO14BV6RFUxkCgnOnRRVZykO17IfB/rg88SMS095MHK4G8II5qgbm5K8GzJhz/SgC0mBW06wt4+247cEVSN1pxi9YJjIRAt5iqO2yNlyCLprsACPrUnEWDqUz8dfihMIZwmoefUMJTH1pDvcMu+Wq/aO4cyJ8w7Ub4nRTQJd1sMobl8YM2me8rKnR9zNNucbflUTCEyRnprayBpmSEjdEx99qEjaztzSzBrrqJLIvrrMTmoVjn7IjkZmY/nVja2uLuolbEutRJRv46EeubQyPjlwELl0dZ4DsI8i1wi7IOyoVd21hlKh/4uAgdfJ0kzOGlg==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:00 GMT; Max-Age=31536000; Secure
bm_sz=E63367980D4620ADD85F3CFA458042FE~YAAQPYtIF+nMWsCEAQAA+5vY4RK+I+fqH92d8LvHDeVJWg/our8sbK4RvWdNzu1fud1VBD31vqyZW0q+xe6cEsS8BdgRYEVW4pdciaxvjHiG8tdUTSXk9FyfxnisJdS881bapnEEuJsbrz9q7QiHPGzOfOceY9rqNfSDGKooq21NcsHcZyIzmXujiS4bHdhdo9nK22/jWWdDt2WVhdK32qcHSo5KkQYR4/nvvn+YsHS27mv5F/VNCzQwqphA5d2BlbVbKyz64CABEUPAo5bVxjmLx8nsdcdVfa1IuewppDko5+COTdyf~4276802~3356471; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:32:59 GMT; Max-Age=14399
X-Firefox-Spdy: h2

media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1669876551218

13.107.228.36

200 OK

0 B

URL HTTP/2
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1669876551218
IP
13.107.228.36:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/chatLoader.min.js?codeVersion=1669876551218 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.huntington.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 02:22:00 GMT
accept-ranges: bytes
etag: W/"22376-1668738120000"
vary: accept-encoding
server: Nuance Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-azure-ref-originshield: 0BMKNYwAAAAChsIZ/Xl5MRI+0/kJ7Syp4QU1TMDRFREdFMTgwOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
x-azure-ref: 03MiNYwAAAACCFg6UjFUzT5Shd6atdYCfU1ZHMjBFREdFMDYwOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
date: Mon, 05 Dec 2022 10:33:00 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations