r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12957
Expires: Mon, 05 Dec 2022 14:08:54 GMT
Date: Mon, 05 Dec 2022 10:32:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5456
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:57 GMT
Last-Modified: Mon, 05 Dec 2022 09:02:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14393
Expires: Mon, 05 Dec 2022 14:32:50 GMT
Date: Mon, 05 Dec 2022 10:32:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 10:20:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 762
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: fr7dEbcOf2NmPeERWI6YjDirsc2UIHY8IFqmklQAxI3Rp0J3QKut186EOpMqxQdbHm3xpQ+sR4Q=
x-amz-request-id: 8PFGDBFVDAWW9QMM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 09:47:55 GMT
age: 2702
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 10:32:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
35.192.38.184/huntington/220213/1/website/
35.192.38.184 200 OK 58 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/
IP 35.192.38.184:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (5848)
Hash 9efe1852c7156b3ec54d7d68da1c74de
1388fc4880defbf0527b8612634035f59e20d886
3fae5a51644c2ea24c185d80b34b0ae93e4d4291351461896d83faa0183427c5
Analyzer Verdict Alert openphish Huntington Bank
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/ HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:55:16 GMT
ETag: "4014157624"
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 57883
Date: Mon, 05 Dec 2022 10:32:57 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/site-survey_04492851.css
35.192.38.184 200 OK 1.1 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/site-survey_04492851.css
IP 35.192.38.184:0
File type ASCII text, with very long lines (4339)
Hash cd6cf38d1e941a325f7098a843167016
bcd9b4c5631eb89b59ed103d6dbab4027683c03f
aa2ce96b253f6b3d095d465552c823d229a3e22d4d6c0dfc176c3c8b382998b5
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/site-survey_04492851.css HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:32:58 GMT
ETag: "1358264214"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1129
Date: Mon, 05 Dec 2022 10:32:57 GMT
Server: lighttpd/1.4.45
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 10:11:19 GMT
cache-control: public,max-age=3600
age: 1299
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 8aa079fa427b440b52eaaeafed07c3fa
ba2f81aa311f918fd52f8170f34cee968f98d51d
ec54939728b8d4bf6094525ff14e8e2464928eee46ab884ea76f49ea4107699f
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 10:32:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 09 Dec 2022 07:22:48 GMT
ETag: "ba2f81aa311f918fd52f8170f34cee968f98d51d"
Last-Modified: Mon, 05 Dec 2022 07:22:49 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1210
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774c1ef3e858b51e-OSL
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-600_29183793.woff2
35.192.38.184 200 OK 17 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-600_29183793.woff2
IP 35.192.38.184:0
File type Web Open Font Format (Version 2), TrueType, length 17080, version 1.0\012- data
Hash b6e5b86d74352699fff02e4bdc5185e5
f01de24cfaf2f20e715e4d49023fcb19b1a62d1d
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/muli-v11-latin-600_29183793.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 17080
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5445
Cache-Control: max-age=86678
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:37:36 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?
142.250.74.38 200 OK 267 B URL HTTP/2 10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (516), with no line terminators
Hash 632e9196945296fb833ebbc8cf184b02
20f73aaa4844d71416c0dc4c8fbb6c48cb99a9bc
69abcf27f6557eee46b93cee2db2ee5daab9f794ee7432ccf67276779626ed2b
GET /activityi;src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F? HTTP/1.1
Host: 10701487.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 267
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 10:47:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?
142.250.74.38 200 OK 297 B URL HTTP/2 10701487.fls.doubleclick.net/activityi;src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (509), with no line terminators
Hash d57bd6816fc9dfb660f8857d60e58216
6134c038ae5adf21c4885465a856738db97fadf4
c2d5aac6e55237bd6e9f4ee6910105399cdf3500293765200deaf1fb0169aafb
GET /activityi;src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F? HTTP/1.1
Host: 10701487.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 297
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 10:47:58 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Medium_83242404.woff2
35.192.38.184 200 OK 20 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Medium_83242404.woff2
IP 35.192.38.184:0
File type Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Hash 3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/HuntingtonApexWeb-Medium_83242404.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 19976
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Bold_27084106.woff2
35.192.38.184 200 OK 20 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-Bold_27084106.woff2
IP 35.192.38.184:0
File type Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Hash ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/HuntingtonApexWeb-Bold_27084106.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 19712
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-MediumCaps_04829187.woff2
35.192.38.184 200 OK 19 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/HuntingtonApexWeb-MediumCaps_04829187.woff2
IP 35.192.38.184:0
File type Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Hash 6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/HuntingtonApexWeb-MediumCaps_04829187.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 18636
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-700_36810083.woff2
35.192.38.184 200 OK 17 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-700_36810083.woff2
IP 35.192.38.184:0
File type Web Open Font Format (Version 2), TrueType, length 17128, version 1.0\012- data
Hash 8f65fa68cfb5d8cc4f4fa728a470332b
62b57f937d710caae3ee52435ba0c408e8653c43
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/muli-v11-latin-700_36810083.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 17128
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-300_31100486.woff2
35.192.38.184 200 OK 17 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/muli-v11-latin-300_31100486.woff2
IP 35.192.38.184:0
File type Web Open Font Format (Version 2), TrueType, length 16872, version 1.0\012- data
Hash 3d9d9afae68fc95977ec200c119c42a1
2b44b2f5ec04f2f06fd28c9041fb8fa582ab8fcc
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/muli-v11-latin-300_31100486.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 16872
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
35.192.38.184 200 OK 54 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
IP 35.192.38.184:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 69df1049afd0b1501d3257c654c36790
1601e9455202226f7ea4ceb05538e94819dea8bb
5d545e8e15418d75f06d855808b659ced32bb5076443375ad3c6f5166f96d18d
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/toolkit_71991539.css HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:32:56 GMT
ETag: "3884264941"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 54528
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
142.250.74.98 200 OK 301 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (508), with no line terminators
Hash 1e56b40cf3b11fa11f61c33718eaceba
6ac138f2236708807cd6ee16ee43262a1a8251a0
092d4971e786ac31bb496d5f60e32e02c0a3f95c1340a6376aea23b94797669d
GET /ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
142.250.74.98 200 OK 270 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (515), with no line terminators
Hash 5eb8b15affb9b3432d4349299ae85a16
9e358679accc5b1ff894ef1a5ece33e1562bb503
49b8c4c769879d3e44dd5ba64b5a9e4752126fc84cb43e8f112fcbd63123425a
GET /ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10701487.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cf-images.us-east-1.prod.boltdns.net/v1/static/1317241590001/f363b6f1-da34-4475-a6ac-ce608f8e2449/7f46be4e-ea4a-4d1a-ac3f-d9db56063886/1280x720/match/image.jpg
54.230.111.25 200 OK 151 kB URL HTTP/1.1 cf-images.us-east-1.prod.boltdns.net/v1/static/1317241590001/f363b6f1-da34-4475-a6ac-ce608f8e2449/7f46be4e-ea4a-4d1a-ac3f-d9db56063886/1280x720/match/image.jpg
IP 54.230.111.25:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 151 kB (150996 bytes)
Hash da5b860911648a188fc910e30660eb9e
2fbd340381467f40bfb6da2d4998f5150d72189e
cca61104161d52fd05f2f822929e49c597e66756ffb62ec5d868281e2369c08d
GET /v1/static/1317241590001/f363b6f1-da34-4475-a6ac-ce608f8e2449/7f46be4e-ea4a-4d1a-ac3f-d9db56063886/1280x720/match/image.jpg HTTP/1.1
Host: cf-images.us-east-1.prod.boltdns.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Date: Sun, 04 Dec 2022 12:37:14 GMT
Expires: Mon, 04 Dec 2023 12:37:14 GMT
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Powered-By: BC
X-Powered-From: gantry
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jnX7YoJDynUOrRrLsWgA4JIPkZRw5_Km_H95kBzwGcRbkOXsvNGu4g==
Age: 78944
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
35.192.38.184/huntington/220213/1/website/
35.192.38.184 200 OK 58 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/
IP 35.192.38.184:0
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (5848)
Hash 9efe1852c7156b3ec54d7d68da1c74de
1388fc4880defbf0527b8612634035f59e20d886
3fae5a51644c2ea24c185d80b34b0ae93e4d4291351461896d83faa0183427c5
Analyzer Verdict Alert openphish Huntington Bank
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/ HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:55:16 GMT
ETag: "4014157624"
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 57883
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-down-green_46364764.svg
35.192.38.184 200 OK 289 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-down-green_46364764.svg
IP 35.192.38.184:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 5d142f7b5b1bd63965598deb8a43f60a
d3699c8e652ac1dbdd37f819a3c23dde84a9a66e
6a50365e1744a0adc31601958c180b31b8b64c5e99e85e6e568cef0d14f75785
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/icon_arrow-simple-down-green_46364764.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "1051321387"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 289
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/west-broad-elementary-kids_44565318.jpg
35.192.38.184 200 OK 32 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/west-broad-elementary-kids_44565318.jpg
IP 35.192.38.184:0
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x308, components 3\012- data
Hash dc55374efaafedc5193b9f4c57e8f1a1
3dd9bd8ce4d6ef2eb8cd882ed580d57fc6991393
0dab592cbf8f71bce76059647380cb6e82ecb8c96b0e2d45c271563af101da3f
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
quad9 Sinkholed
GET /huntington/220213/1/website/files/west-broad-elementary-kids_44565318.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "4044916578"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 32055
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-right-green_49321605.svg
35.192.38.184 200 OK 274 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/icon_arrow-simple-right-green_49321605.svg
IP 35.192.38.184:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 745b0c42a1091e7075fb9ba40cf231f2
2e535ed262673c84da3ec9fd17966d2d31811a05
4bfb3a12a7c28c3169ba75f5d0991808291a68ce3ab73a639f56aca1dd6826bc
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/icon_arrow-simple-right-green_49321605.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3369047043"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 274
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
push.services.mozilla.com/
34.218.168.248 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5zeABK2IV53SpPQDbTndvA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yzjaJfwI6Db2WwsyVFx8IUyikiQ=
35.192.38.184/huntington/220213/1/website/files/columbus-urban-league_14920934.jpg
35.192.38.184 200 OK 38 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/columbus-urban-league_14920934.jpg
IP 35.192.38.184:0
File type JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x309, components 3\012- data
Hash c387f7385b09799a1ed335ea997d838f
ef5c0a09094bcc0184b3445846146bfd844a880f
8dd84ba8c46c05c00cc9ee5ca020b95f976a0087cc3a70253bf3ff561ea66c3a
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
quad9 Sinkholed
GET /huntington/220213/1/website/files/columbus-urban-league_14920934.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "156796387"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 38135
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c0f2e44653544c31b236ab7bc136755e
334bc8c6fb8f449d245fbb6df33d7e7224d9bc24
c26c25c109ed5252473c1e29aae168cb8ea5de6a0094ecce4662f9540d11a0d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3196
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Last-Modified: Mon, 05 Dec 2022 09:39:42 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
35.192.38.184/huntington/220213/1/website/files/pelotonia-06-opt_56326510.jpg
35.192.38.184 200 OK 82 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/pelotonia-06-opt_56326510.jpg
IP 35.192.38.184:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x394, components 3\012- data
Hash cd27928909fc074b62df26d22c6956c5
c135cb073ab1e740521c15d6fb5a0ad46150b40d
e7810f626da1d10dda8269c9183bab7b90be6ff348a9a39b28d415287986a288
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/pelotonia-06-opt_56326510.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "542695269"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 82226
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff2
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff2
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff2
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff2
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff2
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff2
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff2
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff2
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
142.250.74.66 200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10701487;type=global;cat=allpv;ord=3809681347185;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:58 GMT
expires: Mon, 05 Dec 2022 10:32:58 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 10:32:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff2
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff2
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/lockup_24961966.svg
35.192.38.184 200 OK 4.0 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/lockup_24961966.svg
IP 35.192.38.184:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3955), with CRLF line terminators
Hash 0e065e04a552548c4cedeee81d6411cd
0b5217b34772eb85f315d25991fd17df5c56eaee
38c973e72b29d0c5f054034abecb6f92d1f30fac5aeeb5d0300de1cce156ade3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/lockup_24961966.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "4000015123"
Last-Modified: Sun, 13 Feb 2022 11:33:06 GMT
Content-Length: 3960
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fwww.huntington.com%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1644744752980&td1=pub:%20home&td6=16454304553439677531308654393142070127
35.71.131.137 200 OK 670 B URL HTTP/2 insight.adsrvr.org/track/up?adv=l6jmegy&ref=https%3A%2F%2Fwww.huntington.com%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1644744752980&td1=pub:%20home&td6=16454304553439677531308654393142070127
IP 35.71.131.137:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 5x5, components 3\012- data
Hash 310c5a975e5141af4bcbbefd93fde28e
0321b1d121d2827ee0367f541ba7b448c51ed244
74bc22b92ce09cb6053e748724431981ba4db6340e454a5b59fa8672837eb92a
GET /track/up?adv=l6jmegy&ref=https%3A%2F%2Fwww.huntington.com%2F&upid=7bz3p7f&upv=1.1.0&id=ttdUniversalPixelTag1644744752980&td1=pub:%20home&td6=16454304553439677531308654393142070127 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:32:58 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
35.192.38.184/huntington/220213/1/website/files/Trophy_Mobile-Banking-App-Regional-21_Huntington_47406314.png
35.192.38.184 200 OK 43 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/Trophy_Mobile-Banking-App-Regional-21_Huntington_47406314.png
IP 35.192.38.184:0
File type PNG image data, 348 x 183, 8-bit/color RGBA, non-interlaced\012- data
Hash 70118ce336f07dec7e39798f14dd1f4e
6bdff0bf22662d925c3500dd5e85b10cc1be7006
80fd0dc8a1be6df4a7e26bb401f8ebb44f2b8981b549d03fcb3507bfa33bff31
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/Trophy_Mobile-Banking-App-Regional-21_Huntington_47406314.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2419638030"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 43237
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-600.woff
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/muli-v11-latin-600.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-300.woff
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/muli-v11-latin-300.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/muli-v11-latin-700.woff
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/muli-v11-latin-700.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff
35.192.38.184 404 Not Found 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab99593efdf397078f11d9c37dd218a1
34540ffc5331cc545c1035b06a72b4f8d375973d
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/files/toolkit_71991539.css
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-top_43083073.png
35.192.38.184 200 OK 9.5 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-top_43083073.png
IP 35.192.38.184:0
File type PNG image data, 860 x 304, 8-bit/color RGBA, non-interlaced\012- data
Hash 02bd3a14dd7a21be6cded613f71c1cce
56e31e0c9fc2ab7ba7de58114f74a62193c2253a
b7f59e660d1882d6346d721a458b9b347190c85be1847245252fae6fb225a52d
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/hex-pattern-small-top_43083073.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3217711215"
Last-Modified: Sun, 13 Feb 2022 11:32:52 GMT
Content-Length: 9533
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-bot_83492287.png
35.192.38.184 200 OK 1.7 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/hex-pattern-small-bot_83492287.png
IP 35.192.38.184:0
File type PNG image data, 814 x 74, 8-bit colormap, non-interlaced\012- data
Hash e275909623f8a06dea733b9f50d68189
ee712255204c913c4adb9a2a9cd0f9ba9971ea8c
11c468e07fa0178954d85e2789a16c1c3d4d1b55ab5ca9f86f9f6512d1136b93
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/hex-pattern-small-bot_83492287.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2328650347"
Last-Modified: Sun, 13 Feb 2022 11:32:52 GMT
Content-Length: 1709
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/hero-female-with-confetti_55015499.png
35.192.38.184 200 OK 180 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/hero-female-with-confetti_55015499.png
IP 35.192.38.184:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size 180 kB (179897 bytes)
Hash 2187b23b6fdb0bbe8ce8ab47e0199f52
2006aa5547098682ca49287d380420a51298bd25
42df659c62e04d0964d843d4f6d8e55b8a2f66ea49317375d92f074819504116
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/hero-female-with-confetti_55015499.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2988844358"
Last-Modified: Sun, 13 Feb 2022 11:33:06 GMT
Content-Length: 179897
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/hex-pattern1-flipped_26727345.png
35.192.38.184 200 OK 28 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/hex-pattern1-flipped_26727345.png
IP 35.192.38.184:0
File type PNG image data, 1258 x 548, 8-bit/color RGBA, non-interlaced\012- data
Hash 52243d2120512a450edb610809ae03f6
c66bb8411e013d58daab2450702509e3a7035aa6
bdf5e368896137ecfd831ce0367f9168456c7fe489bde10dd38bba14e12263dd
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/hex-pattern1-flipped_26727345.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "249073641"
Last-Modified: Sun, 13 Feb 2022 11:32:54 GMT
Content-Length: 27631
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/community_36982493.png
35.192.38.184 200 OK 30 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/community_36982493.png
IP 35.192.38.184:0
File type PNG image data, 348 x 183, 8-bit/color RGBA, non-interlaced\012- data
Hash 97ca3b87b1b42890effff5bdfef7ffde
0dc154eb7d50aad069bd768c2c09cf06ed9037ea
7e0d82e4b953501b4f3637afabcc98b55a701b14aa06a0910c3f8553d59e51f8
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/community_36982493.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2042136527"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 30345
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/jdpower_65826443.png
35.192.38.184 200 OK 14 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/jdpower_65826443.png
IP 35.192.38.184:0
File type PNG image data, 348 x 183, 8-bit colormap, non-interlaced\012- data
Hash 5bedd3128543751090a0e7c5da9deeeb
e79270fff7df7e49003f251092845b7ea1b6be81
6dd3f660b379050f9ed0d6518f0f68775ba704ae50c031714cdf9084f9f45be0
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/jdpower_65826443.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2096666313"
Last-Modified: Sun, 13 Feb 2022 11:33:08 GMT
Content-Length: 14045
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/oo_icon_retina_black_95761852.gif
35.192.38.184 200 OK 552 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/oo_icon_retina_black_95761852.gif
IP 35.192.38.184:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash 0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
quad9 Sinkholed
GET /huntington/220213/1/website/files/oo_icon_retina_black_95761852.gif HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
ETag: "3945188395"
Last-Modified: Sun, 13 Feb 2022 11:33:06 GMT
Content-Length: 552
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/EHL_Black_HouseOnly_80447876.svg
35.192.38.184 200 OK 764 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/EHL_Black_HouseOnly_80447876.svg
IP 35.192.38.184:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 842c50db22ce317c9fdd556a89a56ed7
16618234768512011cbfa25fbe4a2058182c2438
35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/EHL_Black_HouseOnly_80447876.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3626621961"
Last-Modified: Sun, 13 Feb 2022 11:33:10 GMT
Content-Length: 764
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/logo-honeycomb_94889960.svg
35.192.38.184 200 OK 862 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/logo-honeycomb_94889960.svg
IP 35.192.38.184:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (859), with no line terminators
Hash d2196bd473b3068bf6a2039572174d75
1014cf0ecf71fc1eecffb0052397a918e60946f4
fab5a7680cedf011da8f0363b4a4d58a7adbdaae881af4034ae00f0f7231e792
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/logo-honeycomb_94889960.svg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Accept-Ranges: bytes
ETag: "3687838741"
Last-Modified: Sun, 13 Feb 2022 11:33:12 GMT
Content-Length: 862
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/image_67912096.jpg
35.192.38.184 200 OK 119 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/image_67912096.jpg
IP 35.192.38.184:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 119 kB (118859 bytes)
Hash 2c9bc89ecb5363ed1f8c91cbe6ce1295
e21a3853a326b88afcb129aa902631141e18bf1a
485763ef80614bb7b81df7824499f2450008c025aba08b04fde41897dee441b9
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/image_67912096.jpg HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
ETag: "2099647716"
Last-Modified: Sun, 13 Feb 2022 11:32:52 GMT
Content-Length: 118859
Date: Mon, 05 Dec 2022 10:32:58 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/hex-pattern2-flipped_28513564.png
35.192.38.184 200 OK 25 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/hex-pattern2-flipped_28513564.png
IP 35.192.38.184:0
File type PNG image data, 1258 x 544, 8-bit/color RGBA, non-interlaced\012- data
Hash e18615cf9ea2000e6c0be17c72ef7fcd
8a15d2af131574032cf5ab4c6bec9dea2984b565
dc5981d227feba716e80a78e85238235c69eed241e0cf0995b042457552bfe14
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/hex-pattern2-flipped_28513564.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "1385729835"
Last-Modified: Sun, 13 Feb 2022 11:32:54 GMT
Content-Length: 24762
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
142.250.74.66 200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10701487;type=global;cat=uvisit;ord=1;num=7326711974957;gtm=2od290;auiddc=1573262703.1644744752;u1=pub%3A%20home;u11=16454304553439677531308654393142070127;~oref=https%3A%2F%2Fwww.huntington.com%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 10:32:59 GMT
expires: Mon, 05 Dec 2022 10:32:59 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
35.192.38.184/huntington/220213/1/website/files/sp_12038580.pl
35.192.38.184 403 Forbidden 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/sp_12038580.pl
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 029ae44b379d08114259b850f45de150
95b397b22a1424917656337ad39f0264c9c22f75
1a17a5e27c658004e3900653663f22969eaf852fa54d89488fbf3cfee29774d1
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/sp_12038580.pl HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/sp_41506732.pl
35.192.38.184 403 Forbidden 345 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/sp_41506732.pl
IP 35.192.38.184:0
File type XML 1.0 document text\012- XHTML document text (version 1.0)\012- broken XHTML document text (version 1.0)\012- HTML document text\012- XML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 029ae44b379d08114259b850f45de150
95b397b22a1424917656337ad39f0264c9c22f75
1a17a5e27c658004e3900653663f22969eaf852fa54d89488fbf3cfee29774d1
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/files/sp_41506732.pl HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
23.72.139.65 200 OK 806 B URL HTTP/2 www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (667), with CRLF line terminators
Hash 852ae132940505f4633bd1a4082afcfb
d5ef1efd526ffc33b1e414822c16a09004f66c43
b3e9fa00bb00cb6324fd33c108752978574a55d9c91d58f7e7462288b764bced
GET /nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://35.192.38.184/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: text/html
etag: "0d42de2dc28d81:0:dtagent10249220905100923HoHr"
last-modified: Wed, 23 Feb 2022 17:43:35 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-content-type-options: nosniff
x-ruxit-js-agent: true
x-oneagent-js-injection: true
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1439984110"
x-ua-compatible: IE=edge
x-akamai-transformed: 9 854 0 pmb=mTOE,3
vary: Accept-Encoding
content-encoding: gzip
date: Mon, 05 Dec 2022 10:32:59 GMT
content-length: 806
set-cookie: dtCookie=v_4_srv_7_sn_23E1DB9394FD6F1BF74A430A2F6664EF_perc_100000_ol_0_mul_1_app-3A0bd76d7cc9264013_1; Domain=.huntington.com; Path=/;
BIGipServer~PROD~p_eas-www2.lb.dmz.hban.us=rd30o00000000000000000000ffffac1705ceo443; Path=/; Secure; HttpOnly; Secure; HttpOnly
_abck=CF73BEACC15F601E37195ED96C280174~-1~YAAQPYtIF5rMWsCEAQAAsZjY4QmzZ5WRFtK7YkNduYreL+Vsevt2BLWRpNgeeDAumyI9U2ilp0ISN105upk0oGKc8PpgpNyR5IEuVBZ3tZbfRF/0Rsqdgf8UD32keGz2yBuJETCkQ7BhDgbq8UryjaBH0EjB11HF0C+YmPuczBHCSbnCJxtXxy8TBGDlq943Rc1iKw6VhDbQAMtVHRepaAytXOEiPyhQ3Zdm7n+pWF9DX5XYZ5GQNdC7dcjamrmfUDaDvLXN1xiof8xt32e+l66Rl5L36tWAq3iy61RUZlB2F9EoxwY6quSVtDy5SLLNvCH9ZIW/Utl9MAqesTDmMUXqoL9ZsmPgG8ii5ozF0S9s8jzUgBkWapn7uXbcNPOdXQ==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:32:59 GMT; Max-Age=31536000; Secure
ak_bmsc=4C1FCB566A3757191307060D4B2AD73F~000000000000000000000000000000~YAAQPYtIF5vMWsCEAQAAsZjY4RLbueplzpF6wy9qIU04u4o7k7xPFe1NOrhFoyWIRvdextX+r/5WHM9qwp24hs+mocpLhVVmGAeu8WMPB8s/e1UcX0ZCHoyJoJsx4LnLti25TJWWTFbWbflMEP2GQmXGlytDQsJdAUCUowrQC+j+ilRh6CsDhBAkM1sx4P8e6gLwKkrBy7pWs9UFdSTm0mF3hgf7IGamnVde7Ekqi2q2kULr12X6B0TLyHb9GRHor9jup4n7f4ZqJlDVNo2GeN9Fr4cRLe7CYmPCEv9xzn3XiC9ZMb8A/twrFbUuWv4EzMainauKwtZjzJAxMCJlGAOyuAFYn+7wMl5nxSK9pK9czvRgk+ekMFy6k+JqaX0M+M5/NFuezxhWq14bsQ==; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 12:32:58 GMT; Max-Age=7199; HttpOnly
bm_mi=EE94CF01A38B7AEF1216AB53856742AD~YAAQPYtIF5zMWsCEAQAAsZjY4RL6qyR4NMvl/EYhE4RoQ3WpV01D2rJsLhp+mL4KL11SWiTWNHmmby8LTpwDapnJ2N/mYOTbP/+EzPP4IovyMadCSrOdnXNSPHCvRn3c43xEmv/jVL7M4cGD/H9m02GKllWXC8qZpIC8h2DhZ9aQvXPnM8fOjoHljp0PMAJ74Xmn1WO1ZHDuAppzFr/Yp4yFNTQNhMRNt494whpDhay+kAHMuouoIsiScKj/O7RhNRmNmnAj2wNnjIAzQ6j9CSKPx0IhC2qBe/XiiKjjFWulo+weu6oN80r+4e77FpPLxuUSwBOcTxCixxeADhjCKqAjV6RPVgYm~1; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 10:32:59 GMT; Max-Age=0; Secure
bm_sz=5F7C1559C2689048D2FCC41612219EFC~YAAQPYtIF53MWsCEAQAAsZjY4RI6yK4vDfwdfPra+72AzqJaqR5gRjFz1KzCUxc1AG3QM4wNwjwytWNqGnZOZsF+jbcm6hfv3Lfry1WIXXLBQBE0zVOJJtoQseBhcV8vIsfHXGZ7U/GnkRrQeJdVV8isuoP3sqzKlUIKBdkC7DNy8/YZ6j5U/f2oFZOBiK342QT/Z+pVT+bax+jF9aJvG3NI3q+kKMX9OkbEYNfigQAJpBkxaoANespbTGQ3nSa14T422/nKz9xKPwIPYZONYD9a4H1roTtXx6V+ElxqX/2XxCohxW0o~3159619~3556934; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:32:58 GMT; Max-Age=14399
X-Firefox-Spdy: h2
www.huntington.com/ruxitagentjs_ICA27Vfjoqru_10249220905100923.js
23.72.139.65 200 OK 90 kB URL HTTP/2 www.huntington.com/ruxitagentjs_ICA27Vfjoqru_10249220905100923.js
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (2058)
Hash 42d008db9f7da8ff48a7fcaff74bdcc1
e3af6f4db8b9a13160e5f07b6a6ccd43f484d113
ae8486847e63cf122a7db6b034249608903d72650f11f715c6e6dd1a2fb89581
GET /ruxitagentjs_ICA27Vfjoqru_10249220905100923.js HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/javascript; charset=utf-8
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
server: Microsoft-IIS/10.0
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 90360
cache-control: public, max-age=2397399
expires: Mon, 02 Jan 2023 04:29:38 GMT
date: Mon, 05 Dec 2022 10:32:59 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
35.192.38.184/huntington/220213/1/website/files/apple-touch-icon-180_31130753.png
35.192.38.184 200 OK 2.5 kB URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/apple-touch-icon-180_31130753.png
IP 35.192.38.184:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Hash b043b99ce57394e885a47758ebcc0711
f8b730760b2ca58d1e965dd3417505cef5758e69
f218c3bf79301cb22d90485e8757b99bd3f9ba3973811d7bfdd4b82d76d76ca3
Analyzer Verdict Alert quad9 Sinkholed
GET /huntington/220213/1/website/files/apple-touch-icon-180_31130753.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "3702481743"
Last-Modified: Sun, 13 Feb 2022 11:33:00 GMT
Content-Length: 2456
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
35.192.38.184/huntington/220213/1/website/files/favicon-16x16_01348987.png
35.192.38.184 200 OK 629 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/files/favicon-16x16_01348987.png
IP 35.192.38.184:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b3edcae46fea41cde6b830ecfe7f89e4
f031fd0f0050d9601254e35eecb6d573585418f9
5c838bb93e9d85d3badb18e708a16a8287505922eada63ed4fb7495eaefb0a17
Analyzer Verdict Alert urlquery huntington Phishing - Huntington
quad9 Sinkholed
GET /huntington/220213/1/website/files/favicon-16x16_01348987.png HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://35.192.38.184/huntington/220213/1/website/
HTTP/1.1 200 OK
Content-Type: image/png
Accept-Ranges: bytes
ETag: "2662004163"
Last-Modified: Sun, 13 Feb 2022 11:32:58 GMT
Content-Length: 629
Date: Mon, 05 Dec 2022 10:32:59 GMT
Server: lighttpd/1.4.45
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11821
Expires: Mon, 05 Dec 2022 13:50:00 GMT
Date: Mon, 05 Dec 2022 10:32:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 44998
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 28066
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:50:04 GMT
age: 20575
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CYvQg9Tc0rQB9_DoDW4RoLx2GEdMSEaXViCY3qXbijd0P5mMSZWE6Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:28:22 GMT
age: 25477
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 45618
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 45611
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.huntington.com/akam/13/632556de
23.72.139.65 200 OK 8.8 kB URL HTTP/2 www.huntington.com/akam/13/632556de
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (14360)
Hash 45a2a90b3090598e5b2bc454ad9ce9fe
5b40d468fcc788ec90da67e1f1ba2ccfd9db79fe
659136c4f8d9db82c1a09c47db0eb5be5c9925d72989cb3a85e8e9fdd6a9b55b
GET /akam/13/632556de HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Feb 2022 15:06:50 GMT
etag: "09c87484c5f2be9b0a608409a65636e6484e65ae14f73fcfc3a1dfb2c07040bd"
content-type: application/javascript
content-encoding: gzip
content-length: 8798
expires: Mon, 05 Dec 2022 10:32:59 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 05 Dec 2022 10:32:59 GMT
vary: Accept-Encoding
set-cookie: ak_bmsc=8FE9C05AA3AD31453DDDBC1690597573~000000000000000000000000000000~YAAQPYtIF93MWsCEAQAACpvY4RK/x4igh1ujGakGEzhj7TV3q5CeRNJ44qC9UzTPsNvclIDryN76U1XQp2llsZmBHfS6qwgSVposw46lIoRippR2xqKQU7lQUK7ahvwOyxbKeJ4YaR3Wr+hhVTaafGPbW05dKPKzJ8c4QSm/qwndgGshgzFlz1RQbjEXYfCmWoR0rY2uHCuVmtb7tnUMO58p9JiLh9WCgx42c1Z4TfANVpuPlT0YLiBKoQ7spSgcvQicBx5RGvj8XYWhGY4N9VCazBLa8qW3I5F49WDCjJjkYBsRhZqHeZGwXxnExUuKlZQkO7wSSZLshreH5nRXLKZtsdtqY0avB4BaHn7CAPgCEnuVup0YFjn4pcUZbK9hSRk6/0POLihkoCGwXxu7ScOim29dyd6BR8w1lnITL09rLla3rvyPoRQ4KxwPvP1uGa94VkrW3DRMFKBkl6jQ58OHNNFzfRjmqitsxOFIpt/kGA==; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 12:32:59 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
52.177.241.160 200 OK 2.0 kB URL HTTP/2 huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP 52.177.241.160:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1021)
Hash 6bb8153783efa9d79386ef1fd0b5d20a
b7b6f3bc8f05161166c883cedfba33d119761430
558588effb92606a76ebe3b5f006052f7021b461715225a613452546ab7e9995
GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.huntington.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 10:33:00 GMT
content-type: application/javascript
content-length: 1974
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: no-cache
samesite: Strict
etag: "7LnUGa92njb"
last-modified: Thu, 01 Dec 2022 06:36:04 GMT
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
23.72.139.65 201 Created 18 B URL HTTP/2 www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2090
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
date: Mon, 05 Dec 2022 10:33:00 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.huntington.com
access-control-allow-headers: Content-Type
set-cookie: _abck=63423806B808F2D9D03E6FE3DA393F02~-1~YAAQPYtIF+7MWsCEAQAAjZzY4QnQHFeSq2PWHao5xMD9trZBTsD4muug6dARQfegUkH01Bk0Hh535Qp+JwBLY5nHRodIuduBtfxmlZa+xd3Ukl1Sw5Fysd6flc8MdVHiR+V+TU4rN0YUaYXNAVYVbSrGi6MfLNW1Tir/pfPQsN9DT+/HGhwMJh2eGXkCFgPCcLK7XJcspYXVseha1P1AgzefG2muDNafgbtdfY7fXZWHtCPWIDgmocsOkO1y+gtSWD40Et0Ws+DWLzkodSLmwaLcB5rptTenxKlQ+i4jwDLzeskf4RbsiLcC0d1pAuUHl2BoLMa1bZCLDMPUeU3y3vCxvbYUxMXMeZUxbxMSZRoVRdHplSar9zE8z/rrSrBlMA==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:00 GMT; Max-Age=31536000; Secure
bm_sz=BDEBE17B3F5E6A82E51F4F447D1ECF42~YAAQPYtIF+/MWsCEAQAAjZzY4RJt0fPQQ32JyiQLU1s0IlTHWzs9sSZwF2cRsVXV78EP4uH/kMcZGCGSW3OU3ofxFvzEVSoMAANq0fZgmudH+jlskp/ltbkivRQVvPNhhGfoFLLGEC89BiCtWkFDtMHyw2miLMGqKS/wUTEVOcMXROD/e7W3wlhE+ViBG8P1Eo1DfN53J+LrBPYpfxhPVwibaEHLYuWfywfDr/d++xrrYpeERygLyQPxV00EghgwSqGSUm1sf3ZLOKV+XtfJvbkWiVrdiBGiV9Zu2xOPlPzlim6noWgk~4272198~4601156; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:33:00 GMT; Max-Age=14400
X-Firefox-Spdy: h2
www.huntington.com/akam/13/pixel_632556de
23.72.139.65 200 OK 0 B URL HTTP/2 www.huntington.com/akam/13/pixel_632556de
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /akam/13/pixel_632556de HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: application/x-www-form-urlencoded
Content-Length: 2672
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html
content-length: 0
date: Mon, 05 Dec 2022 10:33:00 GMT
set-cookie: ak_bmsc=5BBB32B700C69A78E10BD538EADE6789~000000000000000000000000000000~YAAQPYtIF//MWsCEAQAAmp7Y4RJGPSF3JkjqcLSBZld3h6w8pE7f81Y1M9lC3Goz4DOOOWg2tS9x2rmaJQHs7O8RWRe8yYnl+45D6GI7wB9CPGvh/V0tcZPuzyEdLOtsvw52aH697U7RC48EzIzxlO/swNGLSgClrSy26d/jza50RnuxlsSPhDJ2r6g20Bg0ljH+76ByaoNklCfLTU0oO9MoadDLlaQhiujsFZOAoHISBedbIOGRAoHxfcB3U7WCK54SDU+qcXBcuYngt0EFGnZ/+bi4MBr9UmFIMdcOHgW/rTKXAqfm1heExr6jM4qe2j6zWie/1BYBAEZtHoRBV9duOMH10iHazqQgROVEXSWxgOODh30jNWyYFRClPjGQSpq07Yuc7VOhIJZBGXIeEcka9PySzRc3TypO7a8eUs8UcOwScjffmr8nNH9iHRHilLz8Q8hS3Hxc2G71; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 12:33:00 GMT; Max-Age=7200; HttpOnly
X-Firefox-Spdy: h2
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
23.72.139.65 201 Created 18 B URL HTTP/2 www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2690
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
date: Mon, 05 Dec 2022 10:33:00 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.huntington.com
access-control-allow-headers: Content-Type
set-cookie: _abck=CADEEC1CBAEBBF636F61003D88990065~-1~YAAQPYtIFwDNWsCEAQAAqJ7Y4QlGKl0CRNLq3o7cO/yy8ZevLRxDmRnvw7d450t5KnJscCZUj/qvde/LmP8OIoK96PWe8WrLiPbvOCA8MAc47IckAuHE4zjk6C6gqnFDl/tZlrVFWx+4qpEA8NEXtN1e9A3vUmPB0M9r0fS7fZrElUxgfdOMFNq/yWAzRxUiWVZNwD3Ldd8mVWSZlHQDQ7vvjyJVwgqx1DBvDZ1MNrWTQK192qKNmDE42v+K1PNDvb6MNgkPIH3TRRZxc/22plh6iERE9fNC8Vy8lp+O6Q5N2TjSFDcwAECgPhLX86oyo/VvEq2r7yaQGUTuZnSq7xeRjyFdu4lkw28twt3UuLEie5JLl9Q3qQllMib0F7MAiA==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:00 GMT; Max-Age=31536000; Secure
bm_sz=2E933D4D04D644AAB72EFBFF1A22114D~YAAQPYtIFwHNWsCEAQAAqJ7Y4RIXTCNE+QkGe0AQCifsKjtSsuWLaczpwMMhtSTFqfkosgtysCHKe97T/YkJTSJgIoNFi6amRLslz8t6ahBv4be0HKqTc0zpRiqiP+/qlY3CCQ9A47p8kEngqve7iw8o8I+MBQi7/x1AcV9L07lSPhaa5iXpL+3Tsh961DmC+pEnfTs4Gbw3Sh4sJOdjtcwwsPvlwD8/HbdnpyDbLhCoODJktdRvaCe4q2TuYj+j7b934jdspFtpTpqc1t1EyCqpKTUJ0e5jJ92uFKX9UTSYJK71hf48~4272198~4601156; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:33:00 GMT; Max-Age=14400
X-Firefox-Spdy: h2
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
23.72.139.65 201 Created 18 B URL HTTP/2 www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash d9e31441c04c32264c6821f4ec958ca5
8516f62844b4264d3ccaab00350323d07b9c50ef
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
POST /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Content-Type: text/plain;charset=UTF-8
Content-Length: 2688
Origin: https://www.huntington.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 201 Created
content-length: 18
date: Mon, 05 Dec 2022 10:33:01 GMT
content-type: application/json
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.huntington.com
access-control-allow-headers: Content-Type
set-cookie: _abck=2FDB69215A3E5AFEE4408BA3ABE29779~-1~YAAQPYtIFxHNWsCEAQAAjKDY4QlP9EVvjdzhNSNO4Of72hXzuox/CBPlKlHSfEnrHD62lXdA0tlF0qCUc5ro3dbvVRf2Y2VNYH4Q/zlFo0q6nevrEkJ9F8QA6LGbNuG030dpkzj0vzNOH95Enzn4HXBFuocTV7SvQgr/s0zVg7rYI4O08prr4Cb+Kk+SW/BHy6WKVrp+hU8bBZdaMV07O0iRLjR9KVpaP2Bcedv1HGp/1MifiExa9uSss7eA8k7HzcFgKaR4Ww5UoTzQvPcOS0YrE24S3C27qmsEzxYwXiobWCb34h+6VotVmTSWjaQOHsYU5/7DTS8siMv98+8KDVyDXA0fldboXV1QaGstJHBexXQiOhJY9jXzrOIjtocYGw==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:01 GMT; Max-Age=31536000; Secure
bm_sz=4F30714E01779D93431B5C2AAA150001~YAAQPYtIFxLNWsCEAQAAjKDY4RLTjiT35vLwl8Kti/kPzqYNLOU19a+J3yRZxJYpEukQ0iU/j79BPrge+lPCw+IdgSsjhkronCjkFzqZYo48oGz8h9iEQCkkexWgd0SL6lIcNlvQs3V2BIaAvci06XNr87+5/KnzeUgI3EzEm3XRwlt9fT1Aa/8wZeub+El/S9UelMabG39E039xHJ9DwJvSLHkMvYO6VJgETtWWNn5oqzGuVilHBsUern+KfvnkcsJIWps0yySKv/4fUUAE/eNiu2RSnnbV8jfbmCqUZlQIK1zmvgdP~4600897~4534854; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:33:01 GMT; Max-Age=14400
X-Firefox-Spdy: h2
35.192.38.184/huntington/220213/1/website/
35.192.38.184 200 OK 0 B URL HTTP/1.1 35.192.38.184/huntington/220213/1/website/
IP 35.192.38.184:0
Analyzer Verdict Alert openphish Huntington Bank
fortinet Phishing
quad9 Sinkholed
GET /huntington/220213/1/website/ HTTP/1.1
Host: 35.192.38.184
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Last-Modified: Sun, 13 Feb 2022 11:55:16 GMT
ETag: "4014157624"
Content-Type: text/html
Accept-Ranges: bytes
Content-Length: 57883
Date: Mon, 05 Dec 2022 10:32:57 GMT
Server: lighttpd/1.4.45
www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
23.72.139.65 200 OK 0 B URL HTTP/2 www.huntington.com/N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB
IP 23.72.139.65:0
ASN #20940 Akamai International B.V.
GET /N-j7sy04bhU8/DYpZiAHd7-/_2/akN5mN0Vi5EO/EHwtRzUrGAU/Bjp/LDUhmD2oB HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 31 Oct 2022 15:58:55 GMT
etag: "93eab3a0bb65580813c7bd658963fe649b396249081ec8ae963c7388b973964b"
content-type: application/javascript
content-encoding: gzip
expires: Wed, 04 Jan 2023 10:33:00 GMT
date: Mon, 05 Dec 2022 10:33:00 GMT
vary: Accept-Encoding
cache-control: max-age=21600
set-cookie: _abck=5A776F4BE1665CEF2B79517BE2B9F829~-1~YAAQPYtIF+jMWsCEAQAA+5vY4QnGoDYmGmmsBdkXyl9iaN1N97wd5FM5FbTuG5FHO14BV6RFUxkCgnOnRRVZykO17IfB/rg88SMS095MHK4G8II5qgbm5K8GzJhz/SgC0mBW06wt4+247cEVSN1pxi9YJjIRAt5iqO2yNlyCLprsACPrUnEWDqUz8dfihMIZwmoefUMJTH1pDvcMu+Wq/aO4cyJ8w7Ub4nRTQJd1sMobl8YM2me8rKnR9zNNucbflUTCEyRnprayBpmSEjdEx99qEjaztzSzBrrqJLIvrrMTmoVjn7IjkZmY/nVja2uLuolbEutRJRv46EeubQyPjlwELl0dZ4DsI8i1wi7IOyoVd21hlKh/4uAgdfJ0kzOGlg==~-1~-1~-1; Domain=.huntington.com; Path=/; Expires=Tue, 05 Dec 2023 10:33:00 GMT; Max-Age=31536000; Secure
bm_sz=E63367980D4620ADD85F3CFA458042FE~YAAQPYtIF+nMWsCEAQAA+5vY4RK+I+fqH92d8LvHDeVJWg/our8sbK4RvWdNzu1fud1VBD31vqyZW0q+xe6cEsS8BdgRYEVW4pdciaxvjHiG8tdUTSXk9FyfxnisJdS881bapnEEuJsbrz9q7QiHPGzOfOceY9rqNfSDGKooq21NcsHcZyIzmXujiS4bHdhdo9nK22/jWWdDt2WVhdK32qcHSo5KkQYR4/nvvn+YsHS27mv5F/VNCzQwqphA5d2BlbVbKyz64CABEUPAo5bVxjmLx8nsdcdVfa1IuewppDko5+COTdyf~4276802~3356471; Domain=.huntington.com; Path=/; Expires=Mon, 05 Dec 2022 14:32:59 GMT; Max-Age=14399
X-Firefox-Spdy: h2
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1669876551218
13.107.228.36 200 OK 0 B URL HTTP/2 media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1669876551218
IP 13.107.228.36:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /media/launch/chatLoader.min.js?codeVersion=1669876551218 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.huntington.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 18 Nov 2022 02:22:00 GMT
accept-ranges: bytes
etag: W/"22376-1668738120000"
vary: accept-encoding
server: Nuance Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-azure-ref-originshield: 0BMKNYwAAAAChsIZ/Xl5MRI+0/kJ7Syp4QU1TMDRFREdFMTgwOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
x-azure-ref: 03MiNYwAAAACCFg6UjFUzT5Shd6atdYCfU1ZHMjBFREdFMDYwOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
date: Mon, 05 Dec 2022 10:33:00 GMT
X-Firefox-Spdy: h2