Report - huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373

Report Overview

Submitted URL
huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
IP
188.114.97.1
ASN
#13335 CLOUDFLARENET
Submitted
2023-11-30 05:56:08
Access
public
Website Title
Mobile Banking Login | Huntington Bank
Final URL
huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Tags
huntington financial phishing
urlquery detections
Phishing - Huntington

Detections

urlquery
55
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.huntington.com	56151	1994-03-28	2014-08-03	2023-11-26	510 B	5.2 kB	95.101.10.192
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-11-29	499 B	24 kB	151.101.193.229
ensighten.huntingtonbank.com	91425	2000-03-08	2019-02-13	2023-11-14	2.0 kB	40 kB	3.124.173.63
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-11-29	2.8 kB	520 kB	142.250.74.168
cdn.clinch.co	7154	2011-12-05	2016-06-28	2023-11-30	439 B	62 kB	54.230.111.65
s.yimg.com	375	1997-05-14	2012-05-21	2023-11-29	411 B	19 kB	87.248.119.251
huntingt-authv3.de	unknown	unknown	2023-11-19	2023-11-19	27 kB	2.1 MB	188.114.97.1
ocsp.e2m01.amazontrust.com	unknown	2007-05-11	2022-11-16	2023-11-29	350 B	751 B	54.230.218.11
mef957.dynatrace-managed.com	107553	2016-05-19	2019-04-14	2023-11-09	1.8 kB	334 B	100.24.162.178
trk.clinch.co	5423	2011-12-05	2014-12-18	2023-11-21	833 B	299 B	54.85.247.171

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (35)

	URL	Size	First Seen	Last Seen
	huntingt-authv3.de/assets/js/inqChatLaunch10006663.js.download	22 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/inqChatLaunch10006663.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen93 Hash 1c9d96d3f228156fd7e9df9c531871d1 a118554b1208e30af4a0fef948c9566b8e7f4a94 648d971972fc0140127ab99989b3b55a28e8e3c2fcbf281390bbb7edf5000f26 Loading...

	unknown	26 B	2023-03-07	2024-07-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-07-27 02:53:43 Times Seen24956 Hash 0096b3a75c132c10f6a90df56192e4d7 07cfa420d654e1531d97a9dccd23f4bede5edde7 7e519b79026424c478dc1b72f347eb1327c9d01dc2458973bafe2690ca7d016d Loading...

	www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c	198 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 06:56:09 Last Seen2023-11-30 06:56:10 Times Seen2 Hash 7e2eb7725e3562a4686d719c261cd097 7198474215d40148e072150f9328393c63863438 e1285fbbb5c1ba502d33acba5384b883cbefdf8715157ec5e60d22d156f8cef9 Loading...

	ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=7.240978959308269&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373	319 B	2023-11-30	2023-11-30
Pretty URL ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=7.240978959308269&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373 IP 3.124.173.63 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 06:56:09 Last Seen2023-11-30 06:56:09 Times Seen1 Hash 04d3fd8c611ecfb231315cada22100d3 66c673469866e6c7b45ef165633c4c585d03f65f afc1f23c8513a8388c3565a146f2c9b0df997b13cfea11287b4d481ceb39ecc5 Loading...

	huntingt-authv3.de/assets/js/jquery-3.5.1.min.js.download	90 kB	2023-03-07	2024-07-27
Pretty URL huntingt-authv3.de/assets/js/jquery-3.5.1.min.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-07-27 02:28:36 Times Seen170900 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	unknown	26 B	2023-03-07	2024-07-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-07-27 02:53:43 Times Seen24957 Hash 8cf91652fc7787b535b26f390f9ed9af d39e49793059ab3b8a97b61bac69ad2a451c8ff2 f876a7b1e6234843f5d8487af055addd42fe6018d4f4e2f29ab08c0f08a85d94 Loading...

	unknown	26 B	2023-03-07	2024-07-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-07-27 02:53:43 Times Seen24955 Hash 91e37f24be76111b93a0ff728b96cddb e1740ea479e156d424cb918060d779528ecc8fae 49ef43da1c84ec34b398aaab43e8debad168559596297c7586e9c9e8239c79bf Loading...

	huntingt-authv3.de/assets/js/site-survey.min.js.download	7.5 kB	2023-03-07	2024-06-11
Pretty URL huntingt-authv3.de/assets/js/site-survey.min.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-06-11 23:14:02 Times Seen293 Hash 374ca92abaa98bc7b2f19fe64114a18b 4c0a1441026a9337d322d7ae5536df1427e5c140 7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806 Loading...

	unknown	26 B	2023-03-07	2024-07-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-07-27 02:53:43 Times Seen24953 Hash 339aaaa033bd435bc3d3442976b21150 309497f761b4649d113688cb611242810ed2a8bc 47536a23eb95f0f1d8f00b6ef54ac4553cc05d06ddce49260dab7dc9f083296d Loading...

	huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373	482 B	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen54 Hash 30092b66bd92ab05d4da2dbf5e412263 5e7611ebcec6a5b90317d3cc2d30f47c80dfb87a 19e22d179543fb3fc0d5dcc8502f6fbec83d3422090578ce035173b297fa6620 Loading...

	huntingt-authv3.de/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download	154 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen196 Hash d33104f26092658d2becbbfa66e9d1fb 9c33f190903b2664af1f20b3a16ce2dca13d8a49 4249e4f7acbb2de46e66922b8ae70689820a9a6eb9a6f98a77d13190b7c2559e Loading...

	www.googletagmanager.com/gtag/js?id=DC-10701487	184 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=DC-10701487 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 06:56:09 Last Seen2023-11-30 06:56:10 Times Seen2 Hash 473ef22bc050826064ccee5004417e01 10c8300f702d17e6d9416487f1afd358d5da392b 85c7470a3bf747fac13a63e9f32a44cabfe92874de5f62ed15e48ada0da92269 Loading...

	s.yimg.com/wi/ytc.js	18 kB	2023-06-26	2024-07-10
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-26 11:33:35 Last Seen2024-07-10 16:35:01 Times Seen17043 Hash 5c6ed25dce803fd84288922b8928409e 3ccc10546ae12f160bacac1e9e422af091ea4a41 480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91 Loading...

	huntingt-authv3.de/assets/js/outdated.min.js.download	1.1 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/outdated.min.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen89 Hash bc854aab7af244173e4dc2ca2a8f471a 1f0444814fabf2d764af527d1718e376ca0c89c1 11a2b7d65804df37c5d5801da23212eddb8530ffb15a5b67d77a8ccdcb5b8199 Loading...

	huntingt-authv3.de/assets/js/06bebd2b36rn240c2a1532a26141a767	72 kB	2023-03-07	2024-07-21
Pretty URL huntingt-authv3.de/assets/js/06bebd2b36rn240c2a1532a26141a767 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-07-21 20:17:13 Times Seen416 Hash 335f2776eaf4ca7eca9953d2240c3316 5f5702f072d8e721dd3557ccd2a0944b3cc58fa5 ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5 Loading...

	huntingt-authv3.de/assets/js/js	97 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:40 Last Seen2024-04-08 20:09:58 Times Seen87 Hash 67e765e44e7d18ed41711d7e4935bc50 0289b9754b56ba057550a7e7d62e0b3587e43f2d e5973becebda7e91d869447913826e69cd123d87e1a6f2ddf8897d72a63a3c6c Loading...

	huntingt-authv3.de/assets/js/7a8ba97f	33 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/7a8ba97f IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen66 Hash af77eedae6083a5bd6f07cec713ab58d 2804fbe107e6af68bf7e2d39cfb176987e1fc9ad 06af35b557f7713851c46e61fd940a1dcf2381d6372582a63abc43dfdee46c33 Loading...

	www.googletagmanager.com/gtag/js?id=AW-724266616&l=dataLayer&cx=c	210 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=AW-724266616&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 06:56:10 Last Seen2023-11-30 06:56:10 Times Seen2 Hash 8e8fc40837bc8f2c143122b816887040 0764df2988816220e4d98d50f6d255de596aead4 203369aeb9fe60de765d86ab03eacb467f036baf7d630e00046b8ff79e0eba81 Loading...

	huntingt-authv3.de/assets/js/121543311796381	21 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/121543311796381 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen87 Hash e3bf3fa0a912c14bfe1c0b7282fbfa8a 96b0a4a037c23ce2e7bc90c146610c473549665a 1358a42f383b6e651d8412fbd5ab4c3e89b8c427d325815783e78d00d95e4138 Loading...

	huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373	33 B	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen39 Hash 9671cdd78be44428a6396c3962992821 956a083d2f430a50e7193ca9cfc72b8ba11407c1 c786cc12c5317c364317a10c584eb7bff7e321c5e38d0d121d35801f2f3b89f3 Loading...

	huntingt-authv3.de/assets/js/toolkit.min.js.download	462 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/toolkit.min.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen81 Hash 325f5dd8b44503ea1799409a40addb9e 3887ffbc86f01677d34cce7ac8839305e175e97a dbe44f4b698a44798e63a0177f6283a2dff01335f142be72dccfedd66e91554e Loading...

	www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c	210 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 06:56:10 Last Seen2023-11-30 06:56:10 Times Seen2 Hash 82dcaad38a93644bfbcc14a49ca8cb6e 0d6f03535598fe8c0dbad29f41ee74691ddcf273 25ec587bb1644ccfef23818e6e9a7975d27368c532ed27767ba04da211efdeaa Loading...

	www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c	203 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 06:56:10 Last Seen2023-11-30 06:56:10 Times Seen2 Hash d21f11c87a039f8e2954621d3b5d6bb0 838cdbeeb40f1eec91abd4914a6f68005e982b94 ba46867d3666985052336439bd3f6d3b64954c71407ae13f97fbf5a51b48f1b4 Loading...

	huntingt-authv3.de/assets/js/fbevents.js.download	90 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/fbevents.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:33 Last Seen2024-04-08 20:09:58 Times Seen98 Hash 61df3554472fe8057b5ae4537648d00d 125767dc32df57aa86a64801d9457923e378b397 e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca Loading...

	huntingt-authv3.de/assets/js/ytc.js.download	15 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/ytc.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen251 Hash 49db10c8315384e8dad2e92a6841ed81 f576976a579cd50da6b717db5d48e1ea7137f744 63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478 Loading...

	huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373	149 B	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373 IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen54 Hash ac7f43c44fed4cf6e09d96b5a4357066 8e27fa7a539f5061bddf860541196d42c3655295 1a942a06f7da3702b3aba558359f26651da850132325b59469c65476655d3443 Loading...

	huntingt-authv3.de/assets/js/Bootstrap.js.download	226 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/Bootstrap.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen177 Hash 8746e0eaa34beca77c5679a495ed1d3a f8bc25c85508043935f3e63ff5cd1196c35762d6 83acf00ba4050132d8547daca62a4fca4670029aaa75b01c5e99179cbc6d4991 Loading...

	ensighten.huntingtonbank.com/huntington/com/code/888d2dbb9a1987f2098524b7be7dad2d.js?conditionId0=422774	148 kB	2023-08-17	2023-12-25
Pretty URL ensighten.huntingtonbank.com/huntington/com/code/888d2dbb9a1987f2098524b7be7dad2d.js?conditionId0=422774 IP 3.124.173.63 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-17 22:54:53 Last Seen2023-12-25 09:56:13 Times Seen170 Hash 8c781e543d024387d6f64176d28bcfaa dc60511fe3f1f01068a61cfcd268c67ad8ffe20e b3b979dd0dfece67ba753b46fab30ce9d1fca3a29788d6b1ff7339d6be918649 Loading...

	cdn.clinch.co/a_js/client_pixels/clq/script.min.js	9.2 kB	2023-10-31	2023-12-02
Pretty URL cdn.clinch.co/a_js/client_pixels/clq/script.min.js IP 54.230.111.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-31 18:48:35 Last Seen2023-12-02 23:49:58 Times Seen38 Hash caf8e39b5254a962fc0052a7f041f1b3 930edeb19f1b312146615335d7d0615aeba3e300 68b1a4b17909d00e943d68b7a9cbd71fe613b0fc32da7985470865495b282477 Loading...

	www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c	153 kB	2023-11-30	2023-11-30
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-30 06:56:10 Last Seen2023-11-30 06:56:10 Times Seen2 Hash 2ff119068eb0b3c6bbfef6ef4f54281a 6787d5e7aa141ed020d55bd3bfa103f23abffbe3 815d4be8ccf5e839ecd5c6dbdb36d98be7960f4c52bda8f4f781fe3f984f91cf Loading...

	huntingt-authv3.de/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download	182 kB	2023-03-07	2024-04-08
Pretty URL huntingt-authv3.de/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:04 Last Seen2024-04-08 20:09:58 Times Seen94 Hash 227400e4070ac91189e80b05077abe20 714374d4c852c2058b1df7f4a6ff9f7acc164867 d42a94bdd0158c8df1d1ea4ae03da23f0007e9b6d5b38c05eb4797ffe90e1cf8 Loading...

	huntingt-authv3.de/assets/js/bat.js.download	28 kB	2023-03-07	2024-07-21
Pretty URL huntingt-authv3.de/assets/js/bat.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-07-21 11:55:06 Times Seen228 Hash f07693f6368c988acd20de4362479103 d04355e119fac2c9104c4fe98015e22f3f181d93 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515 Loading...

	huntingt-authv3.de/assets/js/oo_engine.min.js.download	46 kB	2023-03-07	2024-06-11
Pretty URL huntingt-authv3.de/assets/js/oo_engine.min.js.download IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-06-11 23:14:02 Times Seen411 Hash 3023bde795e4926691e3691ace0d9356 053c86b53ec7bca624cffc3f6321697d35a1c5d5 1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5 Loading...

	unknown	26 B	2023-03-07	2024-07-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-07-27 02:53:43 Times Seen24958 Hash 813f7afe12806d2df1c685b53ab49c0e 8ebc2ee97e18dd336b670b53dbccdfb8788a5825 ab008176ac77145e392d8392787e81c90c2592a54b1590d8779c74f956c0e46a Loading...

		Size	First Seen	Last Seen
	#1 Eval - b2c2041f8d99c45e0f21474fe4f8b7bc	17 B	2023-03-07	2024-07-27
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2024-07-27 00:25:01 Times Seen8279 Hash b2c2041f8d99c45e0f21474fe4f8b7bc 0b876666393469c726a2e3edbb29544c03a92154 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061 Loading...

HTTP Transactions (54)

URL IP Response Size

cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/bootstrap.min.css

151.101.193.229

23 kB

URL
cdn.jsdelivr.net/npm/bootstrap@4.0.0/dist/css/bootstrap.min.css
IP
151.101.193.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65325)
Size
23 kB (23140 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

HTTP Headers

GET /npm/bootstrap@4.0.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://huntingt-authv3.de
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.0.0
x-jsd-version-type: version
etag: W/"235ed-iVElpFIqOxDuetoG7mUDWHy/lcU"
content-encoding: br
accept-ranges: bytes
date: Thu, 30 Nov 2023 05:55:50 GMT
age: 20118443
x-served-by: cache-fra-eddf8230117-FRA, cache-bma1631-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23140
X-Firefox-Spdy: h2

huntingt-authv3.de/assets/img/oo_icon_retina_black.gif

188.114.97.1

200 OK

552 B

URL GET HTTP/3
huntingt-authv3.de/assets/img/oo_icon_retina_black.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
GIF image data, version 89a, 18 x 18\012- data
Size
552 B (552 bytes)
Hash
0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/img/oo_icon_retina_black.gif HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: image/gif
content-length: 552
last-modified: Mon, 02 Nov 2020 23:59:26 GMT
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0piGyMSlgCRXsiUQmW6uWqNDY8YX1%2BPBM1%2FKg7DaTXacL1U%2ByhZwq6qopJBsJQbb2Xmyx6mWqY3WE9e8ISLfiqg8%2FZch2N5m70ZSkA%2BmGv7z6hf5nKWBe%2FXna%2BQjcKEEj7KtVi8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0d815a997569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373

188.114.97.1

200 OK

47 kB

URL User Request GET HTTP/3
huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3686)
Size
47 kB (47086 bytes)
Hash
a5d37435ed7dfe018f25f91bf94f8e6d
8e7b44891ec066d77c96d2763fa7a5ddd5f95f75
263c1c214a87243791fd4d0e7167aadc79ef3a3063ee30ab37f44fd63d1f9afc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: chk=test; expires=Thu, 30-Nov-2023 06:05:53 GMT; Max-Age=600; path=/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ibDsqF2HhtCg5foNaSg1r14uCuiDMqtx0Of7YUpWt6p8kaElsK4%2FP3FjwLibfbSinALSkB90MJjSmTlryi6zTR043mcsWzxZfBSCyyV%2FTPBCcnrbnXUS8DcmEvXwBtVDfHtCzj0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d80e2d8e569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/7a8ba97f

188.114.97.1

200 OK

33 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/7a8ba97f
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (19024)
Size
33 kB (32863 bytes)
Hash
af77eedae6083a5bd6f07cec713ab58d
2804fbe107e6af68bf7e2d39cfb176987e1fc9ad
06af35b557f7713851c46e61fd940a1dcf2381d6372582a63abc43dfdee46c33

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/7a8ba97f HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-length: 32863
last-modified: Mon, 02 Nov 2020 19:48:48 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fA9SXY5QgHX92gMq0p5TtoDse%2FnxpjknevI2D8e0vyl47NPWmq%2B%2F4M8phve2MbRnjJbhg2YeBk945GmV1wJVsu8dp2BdwSuMarjBzmKfpGTud997O8QcEmSqsVKVoDSy0bzWeNs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815a992569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/js

188.114.97.1

200 OK

97 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (2639)
Size
97 kB (96892 bytes)
Hash
67e765e44e7d18ed41711d7e4935bc50
0289b9754b56ba057550a7e7d62e0b3587e43f2d
e5973becebda7e91d869447913826e69cd123d87e1a6f2ddf8897d72a63a3c6c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/js HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-length: 96892
last-modified: Tue, 03 Nov 2020 20:36:48 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82vkMoyCV2MDvaX%2B6dbhkzta4BFISwh5vpYzkhlQVzjn7rWhFPbJVHeSiwRjynOtpAaI2RXNQD%2B1cEZrE7ggmLvL1oMpt1ZC6Xn7mcEk48vXEmQIhKblVAqsOq2Tac9yePKhDFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8158979569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/06bebd2b36rn240c2a1532a26141a767

188.114.97.1

200 OK

72 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/06bebd2b36rn240c2a1532a26141a767
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (72012 bytes)
Hash
335f2776eaf4ca7eca9953d2240c3316
5f5702f072d8e721dd3557ccd2a0944b3cc58fa5
ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:54 GMT
content-length: 72012
last-modified: Mon, 02 Nov 2020 19:48:48 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HcRspiNefdikdjz1nFu4D07TCFmkVFc458S6%2FxzgVdLoPA8aWz%2FxZOPqGeVLtBqW6fke1MVm4vXq3wJaG6Z8utQWn3OgbGQ5OCfiq%2FVv6QMkE4JQFu38MyF5bQHrLlTuGTR7wMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d816ba20569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/img/favicon-16x16.png

188.114.97.1

200 OK

629 B

URL GET HTTP/3
huntingt-authv3.de/assets/img/favicon-16x16.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
629 B (629 bytes)
Hash
b3edcae46fea41cde6b830ecfe7f89e4
f031fd0f0050d9601254e35eecb6d573585418f9
5c838bb93e9d85d3badb18e708a16a8287505922eada63ed4fb7495eaefb0a17

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/img/favicon-16x16.png HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test; dtCookie=-15$D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA; rxVisitor=17013237586304S6N3NRE50D857LP30MSQSKM0H0U8H6R; dtPC=-15$323758596_696h1vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0; rxvt=1701325559393|1701323758633; dtSa=-; dtLatC=6; loginCookie=personalLogin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:56 GMT
content-type: image/png
content-length: 629
last-modified: Mon, 02 Nov 2020 20:02:32 GMT
age: 5617
ddg-cache-status: HIT,MISS
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C69rPT2ZF%2FoY4Rhz%2BEwpoyTOoWdYY3Y5GW9%2BfybIoQBSfZ8LceWzkwiPGMut3EkO8yU%2FgknPQYwQjXqtasmV2Bzn3Mq3pAA0OOPVxVuWSRlWAk7UfcuWpOec9l5nnTYek5EUmVg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82e0d823887a569b-OSL
alt-svc: h3=":443"; ma=86400

ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fhuntingt-authv3.de%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException

3.124.173.63

204 No Content

0 B

URL GET HTTP/2
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fhuntingt-authv3.de%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP
3.124.173.63:443
ASN
#16509 AMAZON-02

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerEntrust, Inc.
Subjectensighten.huntingtonbank.com
FingerprintD2:CB:B7:7A:8B:06:3B:10:5F:DA:B2:C8:11:C5:99:DE:24:4A:99:45
ValidityTue, 02 May 2023 14:04:33 GMT - Wed, 01 May 2024 14:04:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fhuntingt-authv3.de%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Thu, 30 Nov 2023 05:55:56 GMT
server: CloudFront
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3w1WBjgU1LLxb4lvOsg1aN4CMmIXWbT4NdBQ_Z30IIvSJufULGOu4A==
age: 870
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.168

200 OK

67 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
67 kB (67216 bytes)
Hash
473ef22bc050826064ccee5004417e01
10c8300f702d17e6d9416487f1afd358d5da392b
85c7470a3bf747fac13a63e9f32a44cabfe92874de5f62ed15e48ada0da92269

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:55:56 GMT
expires: Thu, 30 Nov 2023 05:55:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67216
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Size
20 kB (19988 bytes)
Hash
655ad496604d87af63f9df9a16d25d72
214467e9eca95a6116e91af28ef8e7343cfc0550
472db8137a1b381759d9d083888b380f94432d7def72e82c60afbf5a6a21e451

HTTP Headers

GET /assets/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: font/woff2
last-modified: Mon, 02 Nov 2020 19:56:14 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LF6VzW%2B5ORtEg8bnLTKc5O7xQDGB4FOTYHQp8%2FT%2Fd4JL4UGYVaNnjsX7SB3au17Jmj7%2BHAlgwScrUnP0EFa42yJDMew%2F%2BbmmkXQcJxE1B%2F5d4StqkLprDZ0J2%2F0gwozpcgKTw50%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8159980569b-OSL
alt-svc: h3=":443"; ma=86400

ocsp.e2m01.amazontrust.com/

54.230.218.11

280 B

URL
ocsp.e2m01.amazontrust.com/
IP
54.230.218.11:0
ASN
#16509 AMAZON-02

File type
data
Size
280 B (280 bytes)
Hash
b9b5099df9fda258c9a1ec3e05d0542c
e41fa13d2319cd120ebf99918be4dad5857a73ac
3673a7e4cf6a4d79337ee10efabce9a50a672c260a19d2d9541ba0a1127e29d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.e2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 30 Nov 2023 05:55:56 GMT
Last-Modified: Thu, 30 Nov 2023 04:16:53 GMT
Server: ECAcc (amb/6A94)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 87KSyP9ImqYIAyCC3fJ_ZPygzjMYz4iWxkStBzgOZ10XhAcPx7aQtg==
Age: 5943

cdn.clinch.co/a_js/client_pixels/clq/script.min.js

54.230.111.65

200 OK

61 kB

URL GET HTTP/2
cdn.clinch.co/a_js/client_pixels/clq/script.min.js
IP
54.230.111.65:443
ASN
#16509 AMAZON-02

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerAmazon
Subject*.clinch.co
Fingerprint72:AA:B0:02:98:13:E2:E1:FB:E7:EA:C9:45:78:0B:6B:58:BA:66:D4
ValidityMon, 27 Mar 2023 00:00:00 GMT - Wed, 24 Apr 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
61 kB (61354 bytes)
Hash
5734073b0aa968494f527528bf01eda5
ba4df4382421671ac24d382c184a8e12c0c010aa
54037ec7d669736636599fd19f33af55f3a624f9961559b65dfc365dd8bb3c56

HTTP Headers

GET /a_js/client_pixels/clq/script.min.js HTTP/1.1
Host: cdn.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 31 Oct 2023 10:57:09 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Thu, 30 Nov 2023 02:52:47 GMT
etag: W/"caf8e39b5254a962fc0052a7f041f1b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LxdDROWhDolx9daQ2qBRmRoeqqHjXY38rWGy06C2vRDA9UelmGJfvw==
age: 11131
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

142.250.74.168

200 OK

72 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
72 kB (72104 bytes)
Hash
7e2eb7725e3562a4686d719c261cd097
7198474215d40148e072150f9328393c63863438
e1285fbbb5c1ba502d33acba5384b883cbefdf8715157ec5e60d22d156f8cef9

HTTP Headers

GET /gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:55:56 GMT
expires: Thu, 30 Nov 2023 05:55:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

142.250.74.168

200 OK

74 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3026)
Size
74 kB (73712 bytes)
Hash
d21f11c87a039f8e2954621d3b5d6bb0
838cdbeeb40f1eec91abd4914a6f68005e982b94
ba46867d3666985052336439bd3f6d3b64954c71407ae13f97fbf5a51b48f1b4

HTTP Headers

GET /gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:55:56 GMT
expires: Thu, 30 Nov 2023 05:55:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

142.250.74.168

200 OK

75 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
75 kB (75149 bytes)
Hash
82dcaad38a93644bfbcc14a49ca8cb6e
0d6f03535598fe8c0dbad29f41ee74691ddcf273
25ec587bb1644ccfef23818e6e9a7975d27368c532ed27767ba04da211efdeaa

HTTP Headers

GET /gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:55:56 GMT
expires: Thu, 30 Nov 2023 05:55:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/gtag/js?id=AW-724266616&l=dataLayer&cx=c

142.250.74.168

200 OK

75 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=AW-724266616&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
75 kB (75152 bytes)
Hash
8e8fc40837bc8f2c143122b816887040
0764df2988816220e4d98d50f6d255de596aead4
203369aeb9fe60de765d86ab03eacb467f036baf7d630e00046b8ff79e0eba81

HTTP Headers

GET /gtag/js?id=AW-724266616&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:55:56 GMT
expires: Thu, 30 Nov 2023 05:55:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-15%24D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA;dtLatC=6;referer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373;visitID=KPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0;app=0bd76d7cc9264013;end=1

100.24.162.178

200 OK

28 B

URL POST HTTP/1.1
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-15%24D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA;dtLatC=6;referer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373;visitID=KPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0;app=0bd76d7cc9264013;end=1
IP
100.24.162.178:443
ASN
#14618 AMAZON-AES

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjectmef957.dynatrace-managed.com
Fingerprint1A:FF:4E:53:3A:46:D3:B7:FD:11:5F:A4:50:A2:27:5E:D1:47:03:E0
ValidityThu, 28 Sep 2023 19:10:22 GMT - Wed, 27 Dec 2023 19:10:21 GMT

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

HTTP Headers

POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-15%24D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA;dtLatC=6;referer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373;visitID=KPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2985
Origin: https://huntingt-authv3.de
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 30 Nov 2023 05:55:59 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28

ensighten.huntingtonbank.com/huntington/com/code/888d2dbb9a1987f2098524b7be7dad2d.js?conditionId0=422774

3.124.173.63

200 OK

38 kB

URL GET HTTP/2
ensighten.huntingtonbank.com/huntington/com/code/888d2dbb9a1987f2098524b7be7dad2d.js?conditionId0=422774
IP
3.124.173.63:443
ASN
#16509 AMAZON-02

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerEntrust, Inc.
Subjectensighten.huntingtonbank.com
FingerprintD2:CB:B7:7A:8B:06:3B:10:5F:DA:B2:C8:11:C5:99:DE:24:4A:99:45
ValidityTue, 02 May 2023 14:04:33 GMT - Wed, 01 May 2024 14:04:33 GMT

File type
gzip compressed data, from Unix\012- data
Size
38 kB (37688 bytes)
Hash
7044385c84a9e59b90982f91f67adb8e
cc589022f36bf62e846120b7bb61aee0f07f5f00
dc2f4693bb1995c7741db87785e150d3b0a5f8310d33b8cfdf9affdb8bb9ca3a

HTTP Headers

GET /huntington/com/code/888d2dbb9a1987f2098524b7be7dad2d.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:55:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Aug 2023 17:10:59 GMT
etag: W/"8c781e543d024387d6f64176d28bcfaa"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: WmYvPGA5mAlyuaiWnpeNS8ff9Sf4HpnX
server: CloudFront
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 3c38wc6i1Pw3TLCD_19dBUIOKeFsMFrBip2lkDWX1fM9Eh3bnfzWGg==
age: 2438037
X-Firefox-Spdy: h2

100.24.162.178

200 OK

28 B

URL POST HTTP/1.1
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-15%24D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA;dtLatC=6;referer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373;visitID=KPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0;app=0bd76d7cc9264013;end=1
IP
100.24.162.178:443
ASN
#14618 AMAZON-AES

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjectmef957.dynatrace-managed.com
Fingerprint1A:FF:4E:53:3A:46:D3:B7:FD:11:5F:A4:50:A2:27:5E:D1:47:03:E0
ValidityThu, 28 Sep 2023 19:10:22 GMT - Wed, 27 Dec 2023 19:10:21 GMT

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

HTTP Headers

POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-15%24D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA;dtLatC=6;referer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373;visitID=KPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 8725
Origin: https://huntingt-authv3.de
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 30 Nov 2023 05:56:01 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28

huntingt-authv3.de/assets/css/site-survey.min.css

188.114.97.1

200 OK

4.4 kB

URL GET HTTP/3
huntingt-authv3.de/assets/css/site-survey.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (4390), with no line terminators
Size
4.4 kB (4388 bytes)
Hash
cbc9c35f82525f69a000bfd4a44774a6
e86ce42cc72bf577ece9153ec4630f117165e973
0643ef1189b846f8e023e65ef3c277fffebd86b1584aa59e13cd8877bb7f63ef

HTTP Headers

GET /assets/css/site-survey.min.css HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/css
last-modified: Mon, 02 Nov 2020 23:21:36 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8hAtSrO466bf8J%2BKuwm4tYqcRgibJAYezsLGLKNanLNotsN1lf9IDyY3P1OloiUkIjDoVB%2BGNfCfCk8lvyx9WGtIDOx%2FHR9638FiL6omtKRVqtKteVxcBx8%2BrC6O9Hp2YMXIQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8159988569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

18 kB

URL GET HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:443
ASN
#203220 Yahoo! UK Services Limited

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerDigiCert Inc
Subject*.api.fantasysports.yahoo.com
Fingerprint73:32:A8:90:C9:6F:41:1C:ED:AA:2A:95:41:24:4E:E2:B2:AB:FB:D6
ValidityMon, 06 Nov 2023 00:00:00 GMT - Wed, 27 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (18187), with no line terminators
Size
18 kB (18187 bytes)
Hash
5c6ed25dce803fd84288922b8928409e
3ccc10546ae12f160bacac1e9e422af091ea4a41
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: QZexXZ4Wcq4MinKCrb9ZYf+zBHeMj1fciDYeVZrtGaqSzxTC/qp4K8YcCCw2rC2oU6XxZ/MV/L08uv8seQ4vIA==
x-amz-request-id: AESXSEW27ZXE57XJ
date: Thu, 30 Nov 2023 05:55:55 GMT
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "5c6ed25dce803fd84288922b8928409e-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 2
content-encoding: gzip
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

huntingt-authv3.de/assets/js/121543311796381

188.114.97.1

200 OK

21 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/121543311796381
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (6957)
Size
21 kB (21019 bytes)
Hash
e3bf3fa0a912c14bfe1c0b7282fbfa8a
96b0a4a037c23ce2e7bc90c146610c473549665a
1358a42f383b6e651d8412fbd5ab4c3e89b8c427d325815783e78d00d95e4138

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/121543311796381 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-length: 21019
last-modified: Mon, 02 Nov 2020 19:48:44 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSHsgbA9lGC3zUu2EespD3WywbwMRIknGz5LxYUbscZIYRbd4q0dXPOcNUMLfsq4QBgc4GbIhpJs7VdY5SLGNR4YXW7thErKat735v8v0q1OSgeG7Jjlt5unHxgyKIUjNFQqENs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8158974569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/

188.114.97.1

403 Forbidden

318 B

URL GET HTTP/3
huntingt-authv3.de/assets/js/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (329), with no line terminators
Size
318 B (318 bytes)
Hash
a76e0e5ab2f70dec98377f906933120d
e8c746560f35a864b6eb16568c58c12127bb564d
72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0

HTTP Headers

GET /assets/js/ HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEvL9sWORihwI%2BNBBB5J7BM1UBgTAEhIxbZQVR6o8RlPL2PGMRLNOTqg3yRIG2yNyOBiOJCQ8gEwuZvq6H21EWn4n24DjJrV70AHXVTYgNNwkrHd7sSqBXK3O1f05b%2F2TpMSoBQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8158976569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

95.101.10.192

200 OK

4.4 kB

URL GET HTTP/2
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP
95.101.10.192:443
ASN
#20940 Akamai International B.V.

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerEntrust, Inc.
Subjecthuntington.com
FingerprintC4:98:89:4E:25:FE:D2:64:CB:3C:B3:35:B6:D8:32:C4:0A:87:A1:7B
ValidityThu, 31 Aug 2023 20:22:39 GMT - Fri, 19 Apr 2024 20:22:38 GMT

File type
ASCII text, with very long lines (4390), with no line terminators
Size
4.4 kB (4388 bytes)
Hash
cbc9c35f82525f69a000bfd4a44774a6
e86ce42cc72bf577ece9153ec4630f117165e973
0643ef1189b846f8e023e65ef3c277fffebd86b1584aa59e13cd8877bb7f63ef

HTTP Headers

GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
pragma: no-cache
last-modified: Tue, 14 Nov 2023 17:35:48 GMT
accept-ranges: bytes
etag: "072f12117da1:0"
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000; includeSubDomains
server-timing: dtSInfo;desc="0", dtRpid;desc="2121510682"
content-encoding: gzip
content-length: 1129
cache-control: private, max-age=0
expires: Thu, 30 Nov 2023 05:55:56 GMT
date: Thu, 30 Nov 2023 05:55:56 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

huntingt-authv3.de/resources/06bebd2b36rn240c2a1532a26141a767

188.114.97.1

404 Not Found

315 B

URL POST HTTP/3
huntingt-authv3.de/resources/06bebd2b36rn240c2a1532a26141a767
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

POST /resources/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-dtpc: -15$323758596_696h2vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1329
Origin: https://huntingt-authv3.de
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test; dtCookie=-15$D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA; rxVisitor=17013237586304S6N3NRE50D857LP30MSQSKM0H0U8H6R; dtPC=-15$323758596_696h2vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0; rxvt=1701325558790|1701323758633; dtSa=-; dtLatC=6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgIrPbr%2Fdd0shdG12u5IJ8wldHIZ0pj2GOA5EWQavc8F9j%2BEFveI2Mstro7nwsGzxPdL5iz7CjNgIEl0DkdTQSLi1q3uRS2Dm9u0URxXKgfb%2B7b43CCsSnFcAf%2FHXzyup3RLRsE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d818db42569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-Bold.woff2

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-Bold.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Size
20 kB (19712 bytes)
Hash
ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: font/woff2
last-modified: Mon, 02 Nov 2020 19:55:42 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FYxVf%2BkXqiIx%2FrspPEE1ph7zNsER%2FWi6NoadMNhVU3iD7B6fActccgiUBLTIz75dXU%2BpFE1rBOyM00IvZ73OX94LmsL3Bh%2FG3ooefleaH3abD7U0lcuZXKWCybMNWHemFBPFNJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815897e569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download

188.114.97.1

200 OK

154 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (543)
Size
154 kB (154122 bytes)
Hash
d33104f26092658d2becbbfa66e9d1fb
9c33f190903b2664af1f20b3a16ce2dca13d8a49
4249e4f7acbb2de46e66922b8ae70689820a9a6eb9a6f98a77d13190b7c2559e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Mon, 02 Nov 2020 19:48:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmw6fdoynde4tnh0s0HHZ33Y9cYYlSxpsU6WkZ18g9F%2BojkLosa7n7zit5gU3l0FhaPoALLKrFACLkj%2BB0qRBs9qTgkjld92m8wjH4joDTMNbkUt0WyMKghYxf5LNx%2F4dOlUbl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815897a569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/img/lockup.svg

188.114.97.1

200 OK

3.9 kB

URL GET HTTP/3
huntingt-authv3.de/assets/img/lockup.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3953), with no line terminators
Size
3.9 kB (3942 bytes)
Hash
aa279ba41067c63492090aa6e66bdfb7
c63be4b8134fe8d53afddb0912f35d9e70d7fff5
431d0b31337b9f683c651fa1a73ee0f2c6be86a4f81a542f3e0b7963a499270b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/img/lockup.svg HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Nov 2020 21:54:14 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sd4EhBnRptPEqeDWjaZ2Faw0eYuplBOQxLEiPstthluA3OzBiZNvGwJGr7IRtFJirW12rkBy3Af99qpoglSsDH%2Be6tEHf3I7qTR%2BK1zV84mnEtjXjZ1GB5AtNr%2F%2BsEw8Oc%2F3n5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815a996569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/toolkit.min.js.download

188.114.97.1

200 OK

462 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/toolkit.min.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type

Size
462 kB (461456 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/js/toolkit.min.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:55 GMT
content-type: text/javascript
last-modified: Mon, 02 Nov 2020 19:48:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm3YuMXDOow0aq1%2BWqpNLp8pA1FWO9f2VkLSXmGkBTHwB7n82vVrIY0LmYyldnbkA6%2F%2BMa2b7Liq%2Bo1SA0%2F9FQLMPnTM%2BC6u1ghyFUitiBCrTBp7BS2wM9nrXYGbjJD5xIh4Ou8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815a98b569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

142.250.74.168

200 OK

153 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (2213)
Size
153 kB (153081 bytes)
Hash
2ff119068eb0b3c6bbfef6ef4f54281a
6787d5e7aa141ed020d55bd3bfa103f23abffbe3
815d4be8ccf5e839ecd5c6dbdb36d98be7960f4c52bda8f4f781fe3f984f91cf

HTTP Headers

GET /gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Nov 2023 05:55:56 GMT
expires: Thu, 30 Nov 2023 05:55:56 GMT
cache-control: private, max-age=900
last-modified: Thu, 30 Nov 2023 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57903
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

huntingt-authv3.de/assets/js/

188.114.97.1

403 Forbidden

318 B

URL GET HTTP/3
huntingt-authv3.de/assets/js/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (329), with no line terminators
Size
318 B (318 bytes)
Hash
a76e0e5ab2f70dec98377f906933120d
e8c746560f35a864b6eb16568c58c12127bb564d
72a08d90f531230bbdb3e582280b10246ab1f74c2afc3848a7645628c1365ed0

HTTP Headers

GET /assets/js/ HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BDDHdnRImGVdMHzVAuSXQ5aVoqX1P2odJBnaj2Lz%2BnMSxQHCHsxX4uzaQbaDE1fx2f4ZO%2BwsFJe5k1j6nFn0kANzz8aukbM0l5A5zXcGT56gcrGip0KPTkspZVFOiBAc3NXrXw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8172a4f569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/jquery-3.5.1.min.js.download

188.114.97.1

200 OK

90 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/jquery-3.5.1.min.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/jquery-3.5.1.min.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: text/javascript
last-modified: Mon, 02 Nov 2020 19:48:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrY9tJQxRyA5RNeqwVIKygPOUURDScK%2BS0t9CzryPKLGjarnwfoey8mr5qCeHIY5HbARhs85SzA9WQB6%2BmB8W7wW6fKokllLphx2l3CSbNYojGFlC8Mh35JamOoj7Om3RvTsiSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8159989569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=7.240978959308269&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373

3.124.173.63

200 OK

319 B

URL GET HTTP/2
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=7.240978959308269&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
IP
3.124.173.63:443
ASN
#16509 AMAZON-02

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerEntrust, Inc.
Subjectensighten.huntingtonbank.com
FingerprintD2:CB:B7:7A:8B:06:3B:10:5F:DA:B2:C8:11:C5:99:DE:24:4A:99:45
ValidityTue, 02 May 2023 14:04:33 GMT - Wed, 01 May 2024 14:04:33 GMT

File type
ASCII text, with very long lines (320), with no line terminators
Size
319 B (319 bytes)
Hash
4c60d1359141aa93db850d8257b39983
7df6a49790ed766e11ec0aa36616ba53e51c951b
c7dddd9378d031d2a883277bf071ba65297753e95130248531d1c74ffbe16124

HTTP Headers

GET /huntington/com/serverComponent.php?r=7.240978959308269&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:55:56 GMT
content-type: text/javascript
vary: Accept-Encoding
server: CloudFront
expires: Thu, 30 Nov 2023 05:55:55 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -y2m7YSXEJBKfsB9_23MJO07gA-qtsWiKdzIcoDEeEoBA66a8VHfTQ==
content-encoding: gzip
X-Firefox-Spdy: h2

huntingt-authv3.de/assets/js/fbevents.js.download

188.114.97.1

200 OK

90 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/fbevents.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (64379)
Size
90 kB (90273 bytes)
Hash
61df3554472fe8057b5ae4537648d00d
125767dc32df57aa86a64801d9457923e378b397
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/fbevents.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Mon, 02 Nov 2020 19:48:44 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30hWzZeBfhWApmxPnVCLwapouONBPkD8rOWAmsySrwbyBehwxRBtyQ1ddt1bin%2B%2Bbs1M0USLPdIahOCAQdLwlaXXlYRKB75nkmRMwdj1TCKIOXTijfBRdI3ppvKzsL8CBFXSHtU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8158975569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-Medium.woff2

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-Medium.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Size
20 kB (19976 bytes)
Hash
3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: font/woff2
last-modified: Mon, 02 Nov 2020 20:07:44 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fYrkR3sBruk7MqAqa3SEcNFVrdSlKeod3357jPhYG3lswzguty0KMOPZdkICeYsQ2v8bUHiVA1yMMQTuF3Qeuf5X%2BHH6dcXN9cY9eKXavPtDCKwkHRLrOHMi7rXKQa1SLzKCUqg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815897c569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/fonts/muli-v11-latin-600.woff2

188.114.97.1

200 OK

17 kB

URL GET HTTP/3
huntingt-authv3.de/assets/fonts/muli-v11-latin-600.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17080, version 1.0\012- data
Size
17 kB (17080 bytes)
Hash
b6e5b86d74352699fff02e4bdc5185e5
f01de24cfaf2f20e715e4d49023fcb19b1a62d1d
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: font/woff2
last-modified: Mon, 02 Nov 2020 19:56:56 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzOrpSAcLzdpYIIGBXTW3tj1%2Fjys1U%2FFq7bSOyGcDn9xW2UzfPW0a73pI6ikk8jWkIN5Vb65X5J6duvU1AQZjmZt8v3ynjWS2TbyRhNVyauin2zWICQ8fhBDlschLbGjleQPoTc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8159984569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-Book.woff2

188.114.97.1

200 OK

21 kB

URL GET HTTP/3
huntingt-authv3.de/assets/fonts/HuntingtonApexWeb-Book.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Size
21 kB (20592 bytes)
Hash
a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: font/woff2
last-modified: Mon, 02 Nov 2020 19:56:02 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJOZFLmeSNvQPfFcsH%2BDnIKUhlVk4gCZbGFFoSOiaUrvrlSvMtFVf1%2BpAEeadEXi2wQnDXmftrIJ6IQuEFGEAtsqq0UiqKnLfVsu3Cy5V5ryCr8bgzGUXbwQkB%2Fwn%2FqcN%2F2BofQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815997f569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download

188.114.97.1

200 OK

182 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (1626)
Size
182 kB (182288 bytes)
Hash
227400e4070ac91189e80b05077abe20
714374d4c852c2058b1df7f4a6ff9f7acc164867
d42a94bdd0158c8df1d1ea4ae03da23f0007e9b6d5b38c05eb4797ffe90e1cf8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Mon, 02 Nov 2020 19:48:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVqFfZuIgqtoI%2Fr04LXQBGtHCBGIxrGqBIyqotujnbzcusrni%2F7m5ZW9dfgkoLOOoUR%2FH3LdBpzG%2FJM7oejl0P3sPmcNzqHEUvlx6fBkRjX%2FxUdnjM6p58va5RmxBXihe3yjQEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815897b569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/fonts/muli-v11-latin-300.woff2

188.114.97.1

200 OK

17 kB

URL GET HTTP/3
huntingt-authv3.de/assets/fonts/muli-v11-latin-300.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 16872, version 1.0\012- data
Size
17 kB (16872 bytes)
Hash
3d9d9afae68fc95977ec200c119c42a1
2b44b2f5ec04f2f06fd28c9041fb8fa582ab8fcc
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: font/woff2
last-modified: Mon, 02 Nov 2020 19:56:44 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppl33uia%2FdjZdBkbhYa0nJ1qzCTMvTXNXhOWsuQVJKDhatmAIPT2PzGmHjpFQK6w9FM6TCsul7e58maRpxAMgAkirxG29K4g8Go9lSQ%2FXoZAh7NVlZoE4h2gVMOjtLvVvIVDLUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8159982569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/inqChatLaunch10006663.js.download

188.114.97.1

200 OK

22 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/inqChatLaunch10006663.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (999)
Size
22 kB (22354 bytes)
Hash
1c9d96d3f228156fd7e9df9c531871d1
a118554b1208e30af4a0fef948c9566b8e7f4a94
648d971972fc0140127ab99989b3b55a28e8e3c2fcbf281390bbb7edf5000f26

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/inqChatLaunch10006663.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Tue, 03 Nov 2020 20:36:50 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q10%2Fkrnp3Afl718T19l6Mod0E07BfRenAR6R9%2Fy5VCNCjSNKgjtl%2B3pYOcp8A21oVwbFfUP0c97OlssEGbcwU9KPNwe%2BStVuWcvmU6ACKhR9CdXzCfcKeNxLVSjD%2B6VInlZAigU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815a994569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/resources/06bebd2b36rn240c2a1532a26141a767

188.114.97.1

404 Not Found

315 B

URL POST HTTP/3
huntingt-authv3.de/resources/06bebd2b36rn240c2a1532a26141a767
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

POST /resources/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
x-dtpc: -15$323758596_696h10vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0
Content-Type: text/plain;charset=UTF-8
Content-Length: 1533
Origin: https://huntingt-authv3.de
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test; dtCookie=-15$D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA; rxVisitor=17013237586304S6N3NRE50D857LP30MSQSKM0H0U8H6R; dtPC=-15$323758596_696h10vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0; rxvt=1701325559341|1701323758633; dtSa=-; dtLatC=6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siOAgLkeHNiDjvzPsHvOmTzIbtrKuYQWU9vVvvG%2BIR5MTUuPkY3kvF%2FYDhDEk8y1qTtaXoykaST4VKB8PeLf%2BgZhMw%2FQ9e4twb0UfLeAOOv2DjYqAMt1%2FwF70DR%2FZVq4o46aMVA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d81c4d31569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/bat.js.download

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/bat.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (28050), with no line terminators
Size
28 kB (28050 bytes)
Hash
f07693f6368c988acd20de4362479103
d04355e119fac2c9104c4fe98015e22f3f181d93
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/bat.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Tue, 03 Nov 2020 20:36:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lp75syryxFqLXo8D0jb8IFqL4PgiZjob5BHT1RY9YcmCaDgibyBFBtU3wLF1SEYYS2WbTJwJML1wgx79WahQlwScWQRg1aeWLaGgQwWJLFkgREYbVcrEuyIDZDJIOsZI0e5tcAg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8158977569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/oo_engine.min.js.download

188.114.97.1

200 OK

46 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/oo_engine.min.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (45689), with no line terminators
Size
46 kB (45689 bytes)
Hash
3023bde795e4926691e3691ace0d9356
053c86b53ec7bca624cffc3f6321697d35a1c5d5
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/oo_engine.min.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Tue, 03 Nov 2020 20:36:50 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3T1PjDvZZJDuZjl9MsyNfa4xatwgaqx1qrw4DNFfiy5zzAInYAL3lC8XkHIPPUuvBGIWyjeicBRxsesR%2FypVHu5qiSNvwTT1QXP%2BZMBnwkr3Joz8LClpBx%2BUWnUMqLeW2G68kQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815a995569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/img/logo-honeycomb.svg

188.114.97.1

200 OK

844 B

URL GET HTTP/3
huntingt-authv3.de/assets/img/logo-honeycomb.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (871), with no line terminators
Size
844 B (844 bytes)
Hash
c8a5c6487983174db97c399d3470b2f3
1a98c9ea1b9c4b51a691aeab80384d6b866f4218
ce88657ce447107ca8c3daf22f31da1befa5d5da0965ab5f3233e53f539d3c4d

HTTP Headers

GET /assets/img/logo-honeycomb.svg HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Nov 2020 19:48:48 GMT
vary: Accept-Encoding
age: 5619
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBDr5ZGMkg3Sb4S8yAM2E2oQsx9eLbGiUVTKGNp6%2FvueGrHd9xs4D4xbXLs6s5CM3hKGER6aP9ILVE2ZsZ8vnaW3z036t1UGb2b5tyWWJJQX9Tsy7KfVyNSaPknnblM2PkGTVQA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d816ba1a569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/akam/11/pixel_7a8ba97f

188.114.97.1

404 Not Found

315 B

URL POST HTTP/3
huntingt-authv3.de/akam/11/pixel_7a8ba97f
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

POST /akam/11/pixel_7a8ba97f HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
x-dtpc: -15$323758596_696h13vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0
Content-Length: 3100
Origin: https://huntingt-authv3.de
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test; dtCookie=-15$D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA; rxVisitor=17013237586304S6N3NRE50D857LP30MSQSKM0H0U8H6R; dtPC=-15$323758596_696h13vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0; rxvt=1701325560944|1701323758633; dtSa=-; dtLatC=6; loginCookie=personalLogin
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 30 Nov 2023 05:55:56 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c%2FHzbzhhHwzffSUIUwxfkF%2FKib4GsnKH0xo3qtwGjrejjafFcc2PGSDw5Aj3DVlNqKfX7jJxeN2R3AEmiQyfhqIkxMDzrlKShRYJCNix9jG7ctenuqslzJL6lpzKq%2Fu%2BpFWWOc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8267a11569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&version=23.44.4&a=1701323764035

54.85.247.171

200 OK

43 B

URL GET HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&version=23.44.4&a=1701323764035
IP
54.85.247.171:443
ASN
#14618 AMAZON-AES

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerAmazon
Subject*.clinch.co
Fingerprint72:AA:B0:02:98:13:E2:E1:FB:E7:EA:C9:45:78:0B:6B:58:BA:66:D4
ValidityMon, 27 Mar 2023 00:00:00 GMT - Wed, 24 Apr 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fhuntingt-authv3.de%2Flogin.php%3Fcmd%3Dlogin_submit%26id%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373%26session%3Daaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&version=23.44.4&a=1701323764035 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 30 Nov 2023 05:56:00 GMT
content-type: image/gif
content-length: 43
server: clinch
cache-control: no-store
x-robots-tag: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2

huntingt-authv3.de/assets/img/EHL_Black_HouseOnly.svg

188.114.97.1

200 OK

707 B

URL GET HTTP/3
huntingt-authv3.de/assets/img/EHL_Black_HouseOnly.svg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (835), with no line terminators
Size
707 B (707 bytes)
Hash
8d3451204a24c3d3aec9fb7dac7e9039
ca59d5507f78d051707c00cf0f88f64aebbb7f4a
93fbd6d101d9b192175c027a09c6cdea189336a9eacaeca7e3498cdd6f2a76dc

HTTP Headers

GET /assets/img/EHL_Black_HouseOnly.svg HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Nov 2020 21:54:14 GMT
vary: Accept-Encoding
age: 5619
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vt2POGG3noaFdnnxJAwXVASY%2BZ3M2HL4a%2BV162x51zvW8rG2pzHgjFb52E3nPLmOW123z7iAVu7%2FrPgnS9O8I5OhYvBIKnB4sTk2UntVuja46mnivKgO8apo2cpypvkU0wB36VA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d816ba18569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/outdated.min.js.download

188.114.97.1

200 OK

1.1 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/outdated.min.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (1174), with no line terminators
Size
1.1 kB (1147 bytes)
Hash
a31510c42e378ef1cde8ba35d2f1d36e
7ef6aa4848a5e4dffe873cefa275b52ef0273e53
0416b2def2453ab91cc933226430524f6d6a739b4f3579101dfef62af1d20d37

HTTP Headers

GET /assets/js/outdated.min.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: text/javascript
last-modified: Mon, 02 Nov 2020 19:48:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OKABG%2BuarLD95UPrVLp%2FQasK5b6TRJoMCr5SCKD4NTBeAX2%2B%2Fq1ufjB3Aw3A3NAliCI0p52a3xu63wdj43pZngai5tPVVB4%2FBWacJ0Zha3o3zRLUGqxFRevIMjB9%2F1eS83DxbU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d816ba1b569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/Bootstrap.js.download

188.114.97.1

200 OK

226 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/Bootstrap.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (603)
Size
226 kB (225981 bytes)
Hash
8746e0eaa34beca77c5679a495ed1d3a
f8bc25c85508043935f3e63ff5cd1196c35762d6
83acf00ba4050132d8547daca62a4fca4670029aaa75b01c5e99179cbc6d4991

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/Bootstrap.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Mon, 02 Nov 2020 19:48:46 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODjPVRCpdSgrK5l3GIzAu%2FHWRInv23CFlTPLmKYYlLETkeLfuHCgzaNMPRl4xvKyjV2Az0ODs68xcxUtXxosNPry5YRg6ge%2F%2FEpAUFlKhNnMo9j1OJosegTa1NXBDpMuKWLa6GU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d815a98c569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/site-survey.min.js.download

188.114.97.1

200 OK

7.5 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/site-survey.min.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (7719), with no line terminators
Size
7.5 kB (7541 bytes)
Hash
e342c7c92e27cb6c2920b901944e0373
8447f22e109ad8476325a5e0acbe62e0c15df66b
3ad3ee1f6100531b5627d891ed76a190d90236315b4d6672a3ec799b5479eaaa

HTTP Headers

GET /assets/js/site-survey.min.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: text/javascript
last-modified: Tue, 03 Nov 2020 20:36:50 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfzaWI0HFSfpufyh36BtFrs4IqjiNsvZRrAwaymt%2BEDchjHQy%2FNYQHjRslDQVF6JnCFdU1BdHr3VV1Zp5k6atUo%2BHUFQ5Z%2F3iWLMaoDf0nvQ4bZi%2B4eV7gwdcgUUcz6F0mQ67fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d816ba1f569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/nuanceChat.html

188.114.97.1

404 Not Found

315 B

URL GET HTTP/3
huntingt-authv3.de/assets/js/nuanceChat.html
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/nuanceChat.html HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test; dtCookie=-15$D90LG8IDVN2T3TM8OLOQPVU1DV0EC8TA; rxVisitor=17013237586304S6N3NRE50D857LP30MSQSKM0H0U8H6R; dtPC=-15$323758596_696h2vKPRCCFAGAKCJBFBHKNKGLHJAFCWUCAIF-0; rxvt=1701325558790|1701323758633; dtSa=-; dtLatC=6
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 30 Nov 2023 05:55:54 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deHBI9QUvwJxFNsnLwpuQ3aQ3zMdTVTIAiykgHygOuIDnyTymo%2FKqn3DT6C%2Fityrhfo9ybkh8q9y%2Blxmfu%2Fgx4Tbcmuub2LfU8O8kWUWRTuRhNVEsts7EZFsbsp6tfsjQ%2BTzWTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d818eb45569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/js/ytc.js.download

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
huntingt-authv3.de/assets/js/ytc.js.download
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
ASCII text, with very long lines (14972), with no line terminators
Size
15 kB (14972 bytes)
Hash
49db10c8315384e8dad2e92a6841ed81
f576976a579cd50da6b717db5d48e1ea7137f744
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/js/ytc.js.download HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/javascript
last-modified: Tue, 03 Nov 2020 20:36:48 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MSpU37gR0tUOhRqOTaDbqLZ%2FIM2%2BB0RBJolIh3C5ffDs3rbmLPVa8OijT8AcQuNeR97wzOTBfvdMWtyQxFPRRM%2F9gzTThMn17%2FoDp3g90bVlR1A5aT%2BuaDAbr7r2SM7kjA7%2F3Gk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8158978569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/fonts/muli-v11-latin-700.woff2

188.114.97.1

200 OK

17 kB

URL GET HTTP/3
huntingt-authv3.de/assets/fonts/muli-v11-latin-700.woff2
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17128, version 1.0\012- data
Size
17 kB (17128 bytes)
Hash
8f65fa68cfb5d8cc4f4fa728a470332b
62b57f937d710caae3ee52435ba0c408e8653c43
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /assets/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
DNT: 1
Connection: keep-alive
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: font/woff2
last-modified: Mon, 02 Nov 2020 19:56:30 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FyiVtuewbD9udLbNM76eaqLd0wpB0VH%2FVcTv%2Fw8L3JRRsZ3fMW4ZlwSLZM7FZ%2ByyhjKH6ZZSNtmRZg1qJenEG8MOpWilVhHlDcwDJKRplIJT3OZ5VTE71hoZg%2BV0CsIxXCLKMk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8159981569b-OSL
alt-svc: h3=":443"; ma=86400

huntingt-authv3.de/assets/css/toolkit.min.css

188.114.97.1

200 OK

354 kB

URL GET HTTP/3
huntingt-authv3.de/assets/css/toolkit.min.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Certificate
IssuerLet's Encrypt
Subjecthuntingt-authv3.de
Fingerprint3B:83:5D:B6:63:9B:6F:85:3A:A6:0F:BB:E2:AE:6E:4F:A0:F4:8C:7B
ValiditySun, 19 Nov 2023 17:31:10 GMT - Sat, 17 Feb 2024 17:31:09 GMT

File type

Size
354 kB (354237 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/css/toolkit.min.css HTTP/1.1
Host: huntingt-authv3.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://huntingt-authv3.de/login.php?cmd=login_submit&id=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373&session=aaa8ad7749be814bcb93c437f9362373aaa8ad7749be814bcb93c437f9362373
Cookie: __ddg1_=el4LiFmVeklNDpP80Lpj; chk=test
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 30 Nov 2023 05:55:53 GMT
content-type: text/css
last-modified: Mon, 02 Nov 2020 19:48:46 GMT
vary: Accept-Encoding
age: 5618
ddg-cache-status: MISS,MISS
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QfQUGDplfVadyWX7b2AD2uLe3W%2BC1jIDElfmyCfPdHgtZmQfk7x6Q6obAk%2FSW2%2FP76fQTjQhOG%2BuirRVkmMSwrKvhRLvN4h9hUqWXGVWq%2Bl7rOA8RyRtyD2G9%2BWt3rkIpLCa4mQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82e0d8159987569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP