r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18110
Expires: Sun, 26 Mar 2023 03:12:01 GMT
Date: Sat, 25 Mar 2023 22:10:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16071
Expires: Sun, 26 Mar 2023 02:38:02 GMT
Date: Sat, 25 Mar 2023 22:10:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 21:15:29 GMT
content-type: application/json
age: 3283
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5562
Expires: Sat, 25 Mar 2023 23:42:54 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jfadarT9/t/m3YjURJD6B4l3M4pzcYdRmYWO++sZ+X6sX32ggOOFsyBRy7peW6H3BDLRFP9CAUI7VqGXCTeFfA==
x-amz-request-id: F050W5HD82HRS4CG
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 22:00:57 GMT
age: 555
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/login.php?cmd=login_submit&id=32d9ec841d08f8a393c4acfd88736ad832d9ec841d08f8a393c4acfd88736ad8&session=32d9ec841d08f8a393c4acfd88736ad832d9ec841d08f8a393c4acfd88736ad8
200 OK 1.5 kB URL HTTP/1.1 huntington-banking.bhipvitality.com/login.php?cmd=login_submit&id=32d9ec841d08f8a393c4acfd88736ad832d9ec841d08f8a393c4acfd88736ad8&session=32d9ec841d08f8a393c4acfd88736ad832d9ec841d08f8a393c4acfd88736ad8
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (311), with CRLF line terminators
Hash 206ddc7ef3537c9cfc21afaf320cb09b
6de9fb7a61332514f4bf28423594319dc4e14123
eecf7270a07507502e63d09759c02d28bde510d886cee5d36e19d1baccd636e3
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
NIDS Severity Alert suricata high ET PHISHING Generic Phishkit Activity (GET)
suricata medium ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017
GET /login.php?cmd=login_submit&id=32d9ec841d08f8a393c4acfd88736ad832d9ec841d08f8a393c4acfd88736ad8&session=32d9ec841d08f8a393c4acfd88736ad832d9ec841d08f8a393c4acfd88736ad8 HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 22:10:12 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Cache-Control: max-age=7200
Expires: Sun, 26 Mar 2023 00:10:12 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1519
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 22:10:12 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:10:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
File type ASCII text, with very long lines (32065)
Hash 6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://huntington-banking.bhipvitality.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Mar 2023 09:53:29 GMT
expires: Wed, 20 Mar 2024 09:53:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 389803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 22:10:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 590b6d83f5b2ae15b0d6ea4042456aa1
cd745fcb1458de0965e09b02aeb8d90cef7a9cfa
0513ee32cf0c0629d192bdabc3409da417ba53b0fc34e81f6668ecca4250560b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0513EE32CF0C0629D192BDABC3409DA417BA53B0FC34E81F6668ECCA4250560B"
Last-Modified: Sat, 25 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3945
Expires: Sat, 25 Mar 2023 23:15:57 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
smallenvelop.com/wp-content/uploads/2014/08/Preloader_11.gif
404 Not Found 17 kB URL HTTP/2 smallenvelop.com/wp-content/uploads/2014/08/Preloader_11.gif
IP
ASN #210250 K Media Tech Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9698), with CRLF, LF line terminators
Hash dc0c2cf1f1a92678d87e4df4c6984cff
0caab333a6e4dbd483705d0007c8b6a5cb46a75c
5f3beb53e6fb4cf4759f3fcb61ad8eab724377869492a7809653033f2862c99c
GET /wp-content/uploads/2014/08/Preloader_11.gif HTTP/1.1
Host: smallenvelop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://huntington-banking.bhipvitality.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 25 Mar 2023 22:10:12 GMT
content-type: text/html; charset=UTF-8
content-length: 16901
x-powered-by: PHP/7.4.33
set-cookie: PHPSESSID=sgm1oepjrupeeo1vvob25on2n9; path=/; secure; HttpOnly
pragma: no-cache
cache-control: public,max-age=3600
x-ua-compatible: IE=edge
link: <https://smallenvelop.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,Origin
wpx: 1
x-turbo-charged-by: LiteSpeed
x-edge-location: WPX CLOUD/NOR01
server: WPX CLOUD/NOR01
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 80f2be2c1d1f346b3acaf238578070c1
96f4ed965e1195089050593e114867f9ce802cdc
002d16a3fd2844cef2e055761b7188615e5fce1449e66cf320761f392c26b556
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "002D16A3FD2844CEF2E055761B7188615E5FCE1449E66CF320761F392C26B556"
Last-Modified: Fri, 24 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21584
Expires: Sun, 26 Mar 2023 04:09:56 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 80f2be2c1d1f346b3acaf238578070c1
96f4ed965e1195089050593e114867f9ce802cdc
002d16a3fd2844cef2e055761b7188615e5fce1449e66cf320761f392c26b556
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "002D16A3FD2844CEF2E055761B7188615E5FCE1449E66CF320761F392C26B556"
Last-Modified: Fri, 24 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 26 Mar 2023 04:10:12 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9499
Expires: Sun, 26 Mar 2023 00:48:31 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 21:17:24 GMT
age: 3168
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fa9dd115a0df45be56048c1b3b130f25
fc46ea8f0884c4663ccb89200e374ebc14d9d8d1
f14111a4ecfb3b519a032387f9a54be6ea198fce2e296bcc6de2c8709651b4fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F14111A4ECFB3B519A032387F9A54BE6EA198FCE2E296BCC6DE2C8709651B4FA"
Last-Modified: Fri, 24 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Sun, 26 Mar 2023 04:09:40 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fa9dd115a0df45be56048c1b3b130f25
fc46ea8f0884c4663ccb89200e374ebc14d9d8d1
f14111a4ecfb3b519a032387f9a54be6ea198fce2e296bcc6de2c8709651b4fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F14111A4ECFB3B519A032387F9A54BE6EA198FCE2E296BCC6DE2C8709651B4FA"
Last-Modified: Fri, 24 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21582
Expires: Sun, 26 Mar 2023 04:09:54 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fa9dd115a0df45be56048c1b3b130f25
fc46ea8f0884c4663ccb89200e374ebc14d9d8d1
f14111a4ecfb3b519a032387f9a54be6ea198fce2e296bcc6de2c8709651b4fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F14111A4ECFB3B519A032387F9A54BE6EA198FCE2E296BCC6DE2C8709651B4FA"
Last-Modified: Fri, 24 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 26 Mar 2023 04:10:12 GMT
Date: Sat, 25 Mar 2023 22:10:12 GMT
Connection: keep-alive
huntington-banking.bhipvitality.com/images/hgn.png
200 OK 1.3 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/hgn.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 104 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 3f5d727c4d2e21598d45cc23f5735c1c
8dce595793457d42ed60977c5898e8da07ea7698
b5425e9eb7353db1fd728960db79c51f65004b03c58214d09b028c15cc379418
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/hgn.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 15:56:00 GMT
accept-ranges: bytes
content-length: 1310
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/h7.png
200 OK 2.2 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h7.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 235 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 89d1dce74976f4574fe237cbe7355d3b
e90ddc2059f5479defc732e925fcc9cef4931db2
84298908d1434625c1b0ad441dd7c3306ee3163c498a51473f9f35b02b529cf0
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h7.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 15:55:38 GMT
accept-ranges: bytes
content-length: 2173
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/h8.png
200 OK 2.9 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h8.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 295 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ca8f64ca7b7e4b7a9e6fc9d88d2572c
2056f1590fd95a2dc023d717fd5160b57d82469f
12976ecafc16fe238d544a1e16762ba92798d6d44a07f7b6252dbdeb8b3efd02
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h8.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 15:56:28 GMT
accept-ranges: bytes
content-length: 2879
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bA+jAu9Ma0cKCa9l693skw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: LSAQkVaFvc20lG7S7fWjCSi+Ftw=
huntington-banking.bhipvitality.com/images/h5.png
200 OK 43 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h5.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1349 x 282, 8-bit/color RGBA, non-interlaced\012- data
Hash 0853e60c7ab442056ecde3120a982608
ff1dac5339cfc8daf8eed0d11ed1eed1268b8783
97f0f71e3aaf8472f45c69beab027158718474cb6e1456be91302526dafc1575
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h5.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 13 Feb 2020 17:16:50 GMT
accept-ranges: bytes
content-length: 43097
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/h1.png
200 OK 19 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h1.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1349 x 156, 8-bit/color RGBA, non-interlaced\012- data
Hash d5cc42886b927d1ded4729b8043d4d0f
5be045749c9ac75e134c38f3d6905f39846d2d31
f284cbd4eff46e8c6062d237b3a0a209ad2776528f1233d08eadedaa80f0fdbf
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h1.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 15:27:22 GMT
accept-ranges: bytes
content-length: 19268
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/h2.png
200 OK 592 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h2.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1349 x 591, 8-bit/color RGBA, non-interlaced\012- data
Size 592 kB (591908 bytes)
Hash db2c4cd8ab90eb8727ad6fb1e9d3b120
32181727948f815dc025004dac904675d603141d
a9b1c6a588900962422deaa653d53a7391a556c87d9bff525658dbfe132f6ead
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h2.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 16:21:52 GMT
accept-ranges: bytes
content-length: 591908
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/h4.png
200 OK 313 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h4.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1349 x 371, 8-bit/color RGBA, non-interlaced\012- data
Size 313 kB (313194 bytes)
Hash d68811cff396c6555427b73145b37a57
715ea5ea8d93a2addabe27e709a3411f8d513922
986a311ba8cccf0203588c6dda00595dc4f45f59bcc1daa5b7c57579fc2eacc2
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h4.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 15:36:44 GMT
accept-ranges: bytes
content-length: 313194
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/h3.png
200 OK 326 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h3.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1349 x 493, 8-bit/color RGBA, non-interlaced\012- data
Size 326 kB (326149 bytes)
Hash 442512ab91e9eb4afc39370c3525870f
5d7200fb742b9309d86758c7101c743c9c791558
b61428d8488d902b009224c5f6f968d6b9be3b7fbe4c6910d3ff22e48f2d8a68
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h3.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 15:36:30 GMT
accept-ranges: bytes
content-length: 326149
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/h6.png
200 OK 844 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/h6.png
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1127 x 528, 8-bit/color RGBA, non-interlaced\012- data
Size 844 kB (844128 bytes)
Hash 3e6f7ea039f47fb2034c7db471890e9c
7ef0dafb02d5522fa85aad2e0f559153cee0d2c5
6bbfdbd90ac2717480bdd38effdfc68d2f54097e5755612e798a544dbab5da92
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/h6.png HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 15 Jul 2019 15:36:58 GMT
accept-ranges: bytes
content-length: 844128
cache-control: max-age=86400
expires: Sun, 26 Mar 2023 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
huntington-banking.bhipvitality.com/images/favicon.ico
200 OK 1.3 kB URL HTTP/2 huntington-banking.bhipvitality.com/images/favicon.ico
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 96f1746cd5f33f542e18900d31019f6a
4beb3ef71e57b2aa048f43e59f0805c3f1257412
980822c2935a8c30bc02aee1c1bd033a4c5bc3cb63b9eb83a63d159f62158db8
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
urlquery phishing Phishing - Huntington
GET /images/favicon.ico HTTP/1.1
Host: huntington-banking.bhipvitality.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://huntington-banking.bhipvitality.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Sep 2018 01:32:40 GMT
accept-ranges: bytes
content-length: 1282
cache-control: max-age=31536000
expires: Sun, 24 Mar 2024 22:10:13 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/x-icon
date: Sat, 25 Mar 2023 22:10:13 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:10:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:10:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:10:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:10:14 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:10:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 58430
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dc799aaa2f69ef1109501a605dbdcfd
58cefa986d580ee408fbca288e3e45ba86fb97ac
54fa967d6b96b456416c62140a4eb9b6cda29b80d5083b5d1321b1fb89b3455f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9124
x-amzn-requestid: 30a39bb7-d3cc-473a-a5f9-4921367832c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUESiIAMFVEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-6c9bb97512fc3c8a3ecedc43;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _4VxID1v_auG0Vuzp87FJoPbgJovhYYYa1fpzQZze51I6HwFKbja6w==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:20 GMT
age: 1974
etag: "58cefa986d580ee408fbca288e3e45ba86fb97ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30183c6c59b8fc603d77773182f50202
8942515b5abe11d1a81b19dcde4b525aa1d26671
d218a7991efd84f78d4ed1925ca943788de99f5b5558440593d648f2965ecfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5408
x-amzn-requestid: 15377820-5f38-46a5-aa36-321322cef223
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1hLEFVoAMF7wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f693a-1329e52e5c1c6ba738a79b2d;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: W7PHCc0jq1nFR55Hd8nBaUqlbnBzmOEYwLNc6p5FXDuBCo8msyq-iQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:50:16 GMT
etag: "8942515b5abe11d1a81b19dcde4b525aa1d26671"
content-type: image/jpeg
age: 1198
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffef80630953d486de654abbb5d40ccd
06323c322ac667e3388bba406222121607eb804a
b853a741069e96d8430d766bb1422e50488622729bd069e29b8839ddc5743822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff4405f-78db-4a79-9e55-e4fc35844c68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6566
x-amzn-requestid: 0a9abca1-24c3-4adf-8509-f8ebcab1c24d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smEZFIAMFyFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-6ce8a53e779d724a11af3531;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: ibxm5Q-obzgZHNavKjqxgcgY9ePeF9PTC8wPzjE8fERmyVxaxnahKQ==
via: 1.1 0a166b53605851fe961f5a2952e5a748.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "06323c322ac667e3388bba406222121607eb804a"
content-type: image/jpeg
age: 1987
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 908bd7a6c220345e72fa664f871424c4
61a5d3f11e85d5fd77192701c305cb8651aa6395
9531f5b25cab1030aa579aa9f3b369ecb9daf0b929573897c6516520c06084a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11100
x-amzn-requestid: 3021b51a-674d-45d7-9939-9257330c0dbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1hQFs1oAMFb0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f693a-0200a29207f6a3f5074c3cf1;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: NWvCK-Z608BCGDZIvuqVJ2wBQxwRoRmfjnxeDEcvzHZ7877go8IpRw==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:22 GMT
etag: "61a5d3f11e85d5fd77192701c305cb8651aa6395"
content-type: image/jpeg
age: 1972
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg
200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b21b2c60279839939b60afd83d047fa
544c243fe2d69156f50eec156a62de127128a028
091a59214cfc0af90b4cb820bb521577ae63e862ec10160b8f64c9a9e593630d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffbfc8880-7788-4d8c-a59c-c048b787b772.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7823
x-amzn-requestid: c528eae7-69b4-4669-8c15-2b306586b84b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWHx5IAMFlEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-340c77491ea4440b340e3822;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 2uV186j4t31jcyYDdXxsw5YgM6P5nCbzmgXWvG-pVSpvsjXz6Fsp0A==
via: 1.1 e39f48cc8f516dc1072afdb086c71f32.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:19 GMT
etag: "544c243fe2d69156f50eec156a62de127128a028"
content-type: image/jpeg
age: 1975
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
162.241.218.142
23.36.77.32