r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10486
Expires: Wed, 01 Feb 2023 07:00:26 GMT
Date: Wed, 01 Feb 2023 04:05:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18823
Expires: Wed, 01 Feb 2023 09:19:23 GMT
Date: Wed, 01 Feb 2023 04:05:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8810
Expires: Wed, 01 Feb 2023 06:32:30 GMT
Date: Wed, 01 Feb 2023 04:05:40 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 03:35:57 GMT
content-type: application/json
age: 1783
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 00X3I5Iv/6DMhoINfd7nJynDSaHNDtIxoj34yDLschp8HrhPTGjhALwlQdCplC0cWNhMBk/nUds=
x-amz-request-id: SP0AA05C693C9Q47
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 03:51:25 GMT
age: 855
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 04:05:40 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash c58a52542f390802666b59a191e6e85a
32d1b1ba0b603c741ac7793683575a790e606bf1
c6848b08c608eace2dde1bea8746fe0bf9ba3c678b8fea46d096d18c13541dd7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121170
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 04:05:40 GMT
Etag: "63d91b66-117"
Expires: Thu, 02 Feb 2023 13:45:10 GMT
Last-Modified: Tue, 31 Jan 2023 13:45:10 GMT
Server: nginx
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 03:41:42 GMT
age: 1439
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12451
Expires: Wed, 01 Feb 2023 07:33:12 GMT
Date: Wed, 01 Feb 2023 04:05:41 GMT
Connection: keep-alive
push.services.mozilla.com/
100.20.30.105 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 100.20.30.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f+o66Av8r7yMhmA3L9HG8g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: W8gGUNEv1krpuUt+mJ8xJDFjgdo=
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74cdb739b0155f9deccbbc334a2be050
fb451169aa1c80028a115f86decfda9ebbb4d548
6586dda034a3b6dac63e065989e9e1b1cdcb13bbc177aae4b2cb0a55597afbb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6438
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 04:05:42 GMT
Last-Modified: Wed, 01 Feb 2023 02:18:24 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74cdb739b0155f9deccbbc334a2be050
fb451169aa1c80028a115f86decfda9ebbb4d548
6586dda034a3b6dac63e065989e9e1b1cdcb13bbc177aae4b2cb0a55597afbb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4108
Cache-Control: max-age=166927
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 04:05:42 GMT
Etag: "63d9be19-1d7"
Expires: Fri, 03 Feb 2023 02:27:49 GMT
Last-Modified: Wed, 01 Feb 2023 01:19:21 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74cdb739b0155f9deccbbc334a2be050
fb451169aa1c80028a115f86decfda9ebbb4d548
6586dda034a3b6dac63e065989e9e1b1cdcb13bbc177aae4b2cb0a55597afbb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4937
Cache-Control: max-age=167756
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 04:05:42 GMT
Etag: "63d9be19-1d7"
Expires: Fri, 03 Feb 2023 02:41:38 GMT
Last-Modified: Wed, 01 Feb 2023 01:19:21 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 74cdb739b0155f9deccbbc334a2be050
fb451169aa1c80028a115f86decfda9ebbb4d548
6586dda034a3b6dac63e065989e9e1b1cdcb13bbc177aae4b2cb0a55597afbb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6438
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 04:05:42 GMT
Last-Modified: Wed, 01 Feb 2023 02:18:24 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
104.84.152.56 200 OK 217 B URL HTTP/2 www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
IP 104.84.152.56:0
ASN #20940 Akamai International B.V.
File type PNG image data, 18 x 18, 8-bit grayscale, non-interlaced\012- data
Hash 756ea9671899d785a86de4dcc11af817
89c6975e8d8a858e94aeed1c69b010abf2afd563
6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e
GET /Presentation/onlineopinionV5/oo_icon_retina_black.gif HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "09489568927d91:0"
last-modified: Sat, 28 Jan 2023 00:10:14 GMT
server: Akamai Image Manager
x-serial: 430
x-check-cacheable: YES
content-length: 217
content-type: image/png
cache-control: private, no-transform, max-age=90893
expires: Thu, 02 Feb 2023 05:20:35 GMT
date: Wed, 01 Feb 2023 04:05:42 GMT
X-Firefox-Spdy: h2
www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97
104.84.152.56 200 OK 764 B URL HTTP/2 www.huntington.com/-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97
IP 104.84.152.56:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 842c50db22ce317c9fdd556a89a56ed7
16618234768512011cbfa25fbe4a2058182c2438
35970fe98d0c106f081589aad0ba9f527f742dbf53e83ad2cfada395b40b7979
GET /-/media/hcom/Icons/EHL_Black_HouseOnly.svg?rev=4d1c852f206d4e10b42c49413970de97 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 764
content-type: image/svg+xml
etag: 57637a2d5858427aba58213dfd85741c
last-modified: Tue, 08 Mar 2022 19:24:24 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="EHL_Black_HouseOnly.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="2136463186"
x-ua-compatible: IE=edge
cache-control: public, max-age=1882129
expires: Wed, 22 Feb 2023 22:54:31 GMT
date: Wed, 01 Feb 2023 04:05:42 GMT
X-Firefox-Spdy: h2
www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC
104.84.152.56 200 OK 1.6 kB URL HTTP/2 www.huntington.com/-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC
IP 104.84.152.56:0
ASN #20940 Akamai International B.V.
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3955), with CRLF line terminators
Hash c54fde5c7f10f3373c14c27609946887
76f3a105d90a2ee61357401656a063b0d1a460c3
791aacc8fbb8221f0828eb1412475de0a403000a13db9760a178177035195e6a
GET /-/media/hcom/global/logo/lockup.svg?rev=c9cf80c581284a5884ce918b9c672733&h=81&w=273&la=en&hash=CBB13816C82E9D808DD73BE863AAE7CC HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: 25ac81b1cb8b4557ac63e0186de9a92b
last-modified: Tue, 14 Jul 2020 14:26:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="lockup.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtRpid;desc="-813670566"
x-ua-compatible: IE=edge
content-length: 1578
cache-control: public, max-age=1613897
expires: Sun, 19 Feb 2023 20:23:59 GMT
date: Wed, 01 Feb 2023 04:05:42 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58
104.84.152.56 200 OK 449 B URL HTTP/2 www.huntington.com/-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58
IP 104.84.152.56:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (859), with no line terminators
Hash 648a49d01455e0be73da9e42a8617016
e7ccaaffff511ad60775110a51d1397520ec50b1
cc8f79aa4f6c0fe7efabdde6ffc887aff179327d960992a4a4d760afb734bfeb
GET /-/media/hcom/global/logo/logo-honeycomb.svg?rev=068545a5ac0a4bf68b6f194bec8dec58 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 2d91d2b82c4a40438297b714b6e7ceb5
last-modified: Mon, 11 Dec 2017 15:39:44 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="logo-honeycomb.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtRpid;desc="938876142"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=1423240
expires: Fri, 17 Feb 2023 15:26:22 GMT
date: Wed, 01 Feb 2023 04:05:42 GMT
content-length: 449
X-Firefox-Spdy: h2
huntvsqr.click/fonts/muli-v11-latin-700.woff2
104.16.243.78 200 OK 18 kB URL HTTP/2 huntvsqr.click/fonts/muli-v11-latin-700.woff2
IP 104.16.243.78:0
File type Web Open Font Format (Version 2), TrueType, length 17948, version 2.0\012- data
Hash a5f6dc5210a89797e999fa7eaf52821a
6a8a2453f18b33cba51bbf770c903c0b47c3b502
8ae481bb79bfc320bd91e327cc14f9e118d72b52dfd3745c5e156578429a0a1f
Analyzer Verdict Alert fortinet Phishing
GET /fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://huntvsqr.click/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:42 GMT
content-type: font/woff2
content-length: 17948
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"461c-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7927cf69ec3e0afa-OSL
X-Firefox-Spdy: h2
huntvsqr.click/fonts/muli-v11-latin-300.woff2
104.16.243.78 200 OK 18 kB URL HTTP/2 huntvsqr.click/fonts/muli-v11-latin-300.woff2
IP 104.16.243.78:0
File type Web Open Font Format (Version 2), TrueType, length 17592, version 2.0\012- data
Hash ebc70f1e2fe14617fdded2ed675c172f
b6584928f866f6946e56306d62f2563a375b28e6
fb7629ef257626018d08ccc53eeb20910eef9cb1226353e463cf3d59f078c395
Analyzer Verdict Alert fortinet Phishing
GET /fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://huntvsqr.click/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:42 GMT
content-type: font/woff2
content-length: 17592
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"44b8-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7927cf6a0c470afa-OSL
X-Firefox-Spdy: h2
huntvsqr.click/fonts/muli-v11-latin-regular.woff2
104.16.243.78 200 OK 18 kB URL HTTP/2 huntvsqr.click/fonts/muli-v11-latin-regular.woff2
IP 104.16.243.78:0
File type Web Open Font Format (Version 2), TrueType, length 17852, version 2.0\012- data
Hash 8082d8a1c6eeb1958eddb2360e26216f
459edb3f9d690e3337c541b6ece1339a1575c4e3
50043bf7edd0dd29f30ccba8b27eb98d3df68cb25663390c59ce40061ca8c0d1
Analyzer Verdict Alert fortinet Phishing
GET /fonts/muli-v11-latin-regular.woff2 HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://huntvsqr.click/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:42 GMT
content-type: font/woff2
content-length: 17852
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"45bc-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7927cf6a0c440afa-OSL
X-Firefox-Spdy: h2
huntvsqr.click/fonts/muli-v11-latin-600.woff2
104.16.243.78 200 OK 18 kB URL HTTP/2 huntvsqr.click/fonts/muli-v11-latin-600.woff2
IP 104.16.243.78:0
File type Web Open Font Format (Version 2), TrueType, length 17824, version 2.0\012- data
Hash a1f853115a1ca7752b668218fcd77176
9d3e8c361c75b4e290482b0a2e5f078d7b269caf
2d92af96b73729cc46ac768a250bafc9890092b5f53e9cd2b709d5f48c2263e7
Analyzer Verdict Alert fortinet Phishing
GET /fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://huntvsqr.click/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:42 GMT
content-type: font/woff2
content-length: 17824
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"45a0-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7927cf6a0c480afa-OSL
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/chunks/main-e0ddca6ca271803b.js
104.16.243.78 200 OK 32 kB URL HTTP/2 huntvsqr.click/_next/static/chunks/main-e0ddca6ca271803b.js
IP 104.16.243.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash abb1a60834e829cd156cc0ce53367580
8e413ee4faf0f1f79777147fdd5f810a16fee932
446723b74f81eab4859accc0eab50dfcaf12fd7e832e88234092f438ce47f747
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/main-e0ddca6ca271803b.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1a138-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf67fbcf0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/login
104.16.243.78 200 OK 24 kB IP 104.16.243.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash bb2452ccc18670b0d725e26a359ea6e0
e6ba4cac7cc831a43bf092f04a09a173e889203e
8e9e557814474f0e997d7ece999bb96b22db8677838781341d2465b40783ed8d
Analyzer Verdict Alert openphish Huntington Bank
fortinet Phishing
GET /login HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: text/html; charset=utf-8
x-powered-by: Next.js
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
cache-control: private
x-do-orig-status: 200
cf-cache-status: MISS
server: cloudflare
cf-ray: 7927cf639ab20afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5758
Expires: Wed, 01 Feb 2023 05:41:40 GMT
Date: Wed, 01 Feb 2023 04:05:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5758
Expires: Wed, 01 Feb 2023 05:41:40 GMT
Date: Wed, 01 Feb 2023 04:05:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 07:18:42 GMT
age: 74820
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/chunks/framework-715a76d8b0695da7.js
104.16.243.78 200 OK 55 kB URL HTTP/2 huntvsqr.click/_next/static/chunks/framework-715a76d8b0695da7.js
IP 104.16.243.78:0
File type ASCII text, with very long lines (65154)
Hash 5444c77f72062451d5c7c09a95abf289
a979b2ca07f54956440dd55b676d78fa5bbbfe70
49ac0998bcee4f6cbaf24695adfbc5a31c9ecd34ae6b2d4917eedd778b939ffd
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/framework-715a76d8b0695da7.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"228bd-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf67fbcc0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ad49e3ca0f9935c7ff8f922039e5864
6382ee41cb26e42293e1ba5d9f0d3af64ddb672c
7a838e4e1aff60581fbf939920955ea67dae8fb3fa4e31572787c773404d071e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e99cd9-0681-47a5-bd03-80ff73a169b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14809
x-amzn-requestid: fc920367-4bb1-40fd-9f1d-1d50b27cfc77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaXEQEoAMF3Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-0f70e0252fc3a3e5248bb372;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8SGqBRt27x1A3p1Z55UzPW8myS3BPu1ows_X76xLB8KY5xNnfs1pUw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:45:15 GMT
age: 22827
etag: "6382ee41cb26e42293e1ba5d9f0d3af64ddb672c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85cde231b700eec450e0611b97742a43
c2c6279d74efdcceb319d6943cbcb9d1d1b686ca
d52297e17f93932aa7c99ae734d4b68f3b9b09b9938db95ecc96bac9f3bb588c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0378a78-c173-4036-ab09-812b1651c606.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8542
x-amzn-requestid: ad485963-7e2e-410d-ad1c-6386fb738f18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaVHXcoAMFuhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-12d7e4502d1fc1511b6f2260;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M1OD8v_jLlitIjUwxyZSke4kBfIFy0C_tbDQAHe5iDBrm_Fha7uwFg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:28 GMT
etag: "c2c6279d74efdcceb319d6943cbcb9d1d1b686ca"
content-type: image/jpeg
age: 22454
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/chunks/webpack-bb469f829a664d48.js
104.16.243.78 200 OK 7.3 kB URL HTTP/2 huntvsqr.click/_next/static/chunks/webpack-bb469f829a664d48.js
IP 104.16.243.78:0
File type ASCII text, with very long lines (2193), with no line terminators
Hash f8ecc29ce249ceb626eb8aa3ac17983b
f06dd6739fd35c2d017d825713a4cce7d78da649
3e8bc2f9cb46d4b831841e95e1510b1fd0382bee7aca78ddccac3210229d81da
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/webpack-bb469f829a664d48.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"891-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf67fbcb0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/css/b57f3945d623ce44.css
104.16.243.78 200 OK 178 kB URL HTTP/2 huntvsqr.click/_next/static/css/b57f3945d623ce44.css
IP 104.16.243.78:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 178 kB (177767 bytes)
Hash 0f56fcce370c1eb8f53ab1240e8c62d5
e983bb95b47786eabe2bb13e21ec72d6efa2883a
13afe1fc46a44c3a773ed6fbb27d518b627c99a2886d50cfd6d8b711747a7a4c
GET /_next/static/css/b57f3945d623ce44.css HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"14b939-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf67fbca0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/fonts/muli-v11-latin-600.woff2
104.16.243.78 304 Not Modified 0 B URL HTTP/2 huntvsqr.click/fonts/muli-v11-latin-600.woff2
IP 104.16.243.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://huntvsqr.click/_next/static/css/b57f3945d623ce44.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Tue, 01 Jan 1980 00:00:01 GMT
If-None-Match: W/"45a0-49773873e8"
TE: trailers
HTTP/2 304 Not Modified
date: Wed, 01 Feb 2023 04:05:42 GMT
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"45a0-49773873e8"
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 304
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 7927cf6dcd140afa-OSL
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/5J4KgIhdSRpGfebLbkdg7/_buildManifest.js
104.16.243.78 200 OK 0 B URL HTTP/2 huntvsqr.click/_next/static/5J4KgIhdSRpGfebLbkdg7/_buildManifest.js
IP 104.16.243.78:0
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/5J4KgIhdSRpGfebLbkdg7/_buildManifest.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"8ca-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf680bd50afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/chunks/pages/login-0b0e0a92b67f019e.js
104.16.243.78 200 OK 0 B URL HTTP/2 huntvsqr.click/_next/static/chunks/pages/login-0b0e0a92b67f019e.js
IP 104.16.243.78:0
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/pages/login-0b0e0a92b67f019e.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1deb9-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf680bd40afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/5J4KgIhdSRpGfebLbkdg7/_ssgManifest.js
104.16.243.78 200 OK 0 B URL HTTP/2 huntvsqr.click/_next/static/5J4KgIhdSRpGfebLbkdg7/_ssgManifest.js
IP 104.16.243.78:0
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/5J4KgIhdSRpGfebLbkdg7/_ssgManifest.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"4c-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf680bd60afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/favicon.ico
104.16.243.78 200 OK 0 B URL HTTP/2 huntvsqr.click/favicon.ico
IP 104.16.243.78:0
GET /favicon.ico HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:43 GMT
content-type: image/x-icon
cache-control: public, max-age=0
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"436-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: MISS
server: cloudflare
cf-ray: 7927cf6d5d020afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/chunks/378-f6299790a79d3f53.js
104.16.243.78 200 OK 0 B URL HTTP/2 huntvsqr.click/_next/static/chunks/378-f6299790a79d3f53.js
IP 104.16.243.78:0
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/378-f6299790a79d3f53.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"b149-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf67fbd20afa-OSL
content-encoding: br
X-Firefox-Spdy: h2
huntvsqr.click/_next/static/chunks/642-1ddc0889e5bf46d8.js
104.16.243.78 200 OK 0 B URL HTTP/2 huntvsqr.click/_next/static/chunks/642-1ddc0889e5bf46d8.js
IP 104.16.243.78:0
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/642-1ddc0889e5bf46d8.js HTTP/1.1
Host: huntvsqr.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://huntvsqr.click/login
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Feb 2023 04:05:41 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 01 Jan 1980 00:00:01 GMT
etag: W/"1387c-49773873e8"
vary: Accept-Encoding
x-do-app-origin: 6199d623-ae7e-4c16-9138-0fff913d569b
x-do-orig-status: 200
cf-cache-status: HIT
age: 48612
server: cloudflare
cf-ray: 7927cf680bd30afa-OSL
content-encoding: br
X-Firefox-Spdy: h2