r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9414
Expires: Thu, 10 Nov 2022 08:32:11 GMT
Date: Thu, 10 Nov 2022 05:55:17 GMT
Connection: keep-alive
myhuntington.hopto.org/acc
66.29.140.111 301 Moved Permanently 449 B URL HTTP/1.1 myhuntington.hopto.org/acc
IP 66.29.140.111:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 81b86344e90d8d322dab8353036efd50
befcfa244bee748f35c94f45a65ef754fdad3fc2
86f19cb22656df46165dd8ad27285900b450fa09a030c8e7c53cb62839772116
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
content-type: text/html
date: Thu, 10 Nov 2022 05:55:17 GMT
server: LiteSpeed
location: http://myhuntington.hopto.org/acc/
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4453
Cache-Control: max-age=107400
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:17 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:45:17 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16999
Expires: Thu, 10 Nov 2022 10:38:36 GMT
Date: Thu, 10 Nov 2022 05:55:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xP9RoWUVwFkkO2aD2os3ztpiP+LxSkgXIwFtLOL2oPCJCFTC2EtwDlntPVP0vrI+HBGc4fORkGw=
x-amz-request-id: 7PN16WQWGBVDWXWT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 05:12:01 GMT
age: 2596
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 05:55:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3132
Cache-Control: max-age=101023
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:18 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 09:59:01 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.101.24 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iDaK1tfeJiCpOb+TBvsmPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SzXQbwU4VuV4iIQnWsJmTz2fSdQ=
myhuntington.hopto.org/acc/
66.29.140.111 200 OK 27 kB URL HTTP/1.1 myhuntington.hopto.org/acc/
IP 66.29.140.111:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (3686)
Hash e3adc4f97e2071f3012c3e722e741842
e710beb6dd0ff86781faea74614c863484a3f348
923c5f101b7cee800595b26560ae9a68aaf2413062aaf76953d5560fdf43dd14
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc/ HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
set-cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 26897
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/css/site-survey.min.css
66.29.140.111 200 OK 1.1 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/css/site-survey.min.css
IP 66.29.140.111:0
File type ASCII text, with very long lines (4339)
Hash c97510fa2447d28179e86c812f2892bd
d4155ed2082d208adf94015e89d43bc21298c0c8
add0f1dac2edc2fc4763afcbb2b339ea2915caec1042da78d3d1d92057901681
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /acc/assets/css/site-survey.min.css HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "1124-5fa01cfa-102484;gz"
last-modified: Mon, 02 Nov 2020 14:51:38 GMT
content-type: text/css
content-length: 1129
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-300.woff2
66.29.140.111 200 OK 17 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-300.woff2
IP 66.29.140.111:0
File type Web Open Font Format (Version 2), TrueType, length 16872, version 1.0; data
Hash 3d9d9afae68fc95977ec200c119c42a1
2b44b2f5ec04f2f06fd28c9041fb8fa582ab8fcc
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "41e8-5f9fecf6-10248f;;;"
last-modified: Mon, 02 Nov 2020 11:26:46 GMT
content-type: font/woff2
content-length: 16872
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4959
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 05:55:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2SqQjq27y6Vrwzl9a_ho6sOPImE7Fpbyxie8_fuPGa6bf8fn-yX0Jw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:13:45 GMT
age: 27694
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 27559
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 29529
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:01 GMT
age: 29118
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7fa2648bda72248fd56cf98d3b2210b7
d10647bb2b9705edbbb21ddd7092404fff8b1491
a89679ead6f90b21f7d020911ca809686ea17d8c15e62e645462a5ee675a5c2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9082
x-amzn-requestid: f5e67e88-d5ef-4f68-86f9-f59f85eeb751
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOAwmFdrIAMFuRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368ae6a-38bc67d714f60c1f5e0f007c;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:06:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hLaLpJKOvpvEw974yp7tKSP6ynnzRbAIP0hyH03CJTHT4MikDu9QRg==
via: 1.1 f4ae8c7714a9bd89828bad25fc96be24.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:32:50 GMT
age: 73349
etag: "d10647bb2b9705edbbb21ddd7092404fff8b1491"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg
34.120.237.76 200 OK 3.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 2dcde51bc367052b5d4566f2e99cef9a
0481ae2ec1c61273232fb22fc2a78d6e0d2048d6
303700c24ab524cd55bf4924e1c8032708df4498032232082b5321ac075461b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3181
x-amzn-requestid: 497229d6-6e60-4a06-840e-760b26d0400f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOA7hEDYoAMFXmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368aeaf-79a19c2f615ee65534b23b77;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:07:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6ry-81sAws-TsvlqOQMD5laeUR1hfK9d_N507AgFU5AepaF_rq5Mg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:40:13 GMT
age: 72906
etag: "0481ae2ec1c61273232fb22fc2a78d6e0d2048d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Medium.woff2
66.29.140.111 200 OK 20 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Medium.woff2
IP 66.29.140.111:0
File type Web Open Font Format (Version 2), TrueType, length 19976, version 1.131; data
Hash 3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "4e08-5f9fef8a-10248d;;;"
last-modified: Mon, 02 Nov 2020 11:37:46 GMT
content-type: font/woff2
content-length: 19976
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Bold.woff2
66.29.140.111 200 OK 20 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Bold.woff2
IP 66.29.140.111:0
File type Web Open Font Format (Version 2), TrueType, length 19712, version 1.66; data
Hash ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "4d00-5f9fecb8-10248b;;;"
last-modified: Mon, 02 Nov 2020 11:25:44 GMT
content-type: font/woff2
content-length: 19712
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Book.woff2
66.29.140.111 200 OK 21 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Book.woff2
IP 66.29.140.111:0
File type Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Hash a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "5070-5f9feccc-10248c;;;"
last-modified: Mon, 02 Nov 2020 11:26:04 GMT
content-type: font/woff2
content-length: 20592
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2
66.29.140.111 200 OK 19 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP 66.29.140.111:0
File type Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Hash 6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "48cc-5f9fecd8-10248e;;;"
last-modified: Mon, 02 Nov 2020 11:26:16 GMT
content-type: font/woff2
content-length: 18636
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-700.woff2
66.29.140.111 200 OK 17 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-700.woff2
IP 66.29.140.111:0
File type Web Open Font Format (Version 2), TrueType, length 17128, version 1.0\012- data
Hash 8f65fa68cfb5d8cc4f4fa728a470332b
62b57f937d710caae3ee52435ba0c408e8653c43
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "42e8-5f9fece8-102491;;;"
last-modified: Mon, 02 Nov 2020 11:26:32 GMT
content-type: font/woff2
content-length: 17128
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-600.woff2
66.29.140.111 200 OK 17 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-600.woff2
IP 66.29.140.111:0
File type Web Open Font Format (Version 2), TrueType, length 17080, version 1.0\012- data
Hash b6e5b86d74352699fff02e4bdc5185e5
f01de24cfaf2f20e715e4d49023fcb19b1a62d1d
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "42b8-5f9fed02-102490;;;"
last-modified: Mon, 02 Nov 2020 11:26:58 GMT
content-type: font/woff2
content-length: 17080
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/
66.29.140.111 404 Not Found 705 B URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/
IP 66.29.140.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc/assets/js/ HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/121543311796381
66.29.140.111 200 OK 21 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/121543311796381
IP 66.29.140.111:0
File type ASCII text, with very long lines (6957)
Hash e3bf3fa0a912c14bfe1c0b7282fbfa8a
96b0a4a037c23ce2e7bc90c146610c473549665a
1358a42f383b6e651d8412fbd5ab4c3e89b8c427d325815783e78d00d95e4138
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/121543311796381 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "521b-5f9feb16-1024a0;;;"
last-modified: Mon, 02 Nov 2020 11:18:46 GMT
content-length: 21019
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/bat.js.download
66.29.140.111 200 OK 28 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/bat.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (28050), with no line terminators
Hash f07693f6368c988acd20de4362479103
d04355e119fac2c9104c4fe98015e22f3f181d93
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/bat.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "6d92-5fa147da-1024b2;;;"
last-modified: Tue, 03 Nov 2020 12:06:50 GMT
content-type: application/octet-stream
content-length: 28050
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/ytc.js.download
66.29.140.111 200 OK 15 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/ytc.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (14972), with no line terminators
Hash 49db10c8315384e8dad2e92a6841ed81
f576976a579cd50da6b717db5d48e1ea7137f744
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/ytc.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "3a7c-5fa147da-1024ef;;;"
last-modified: Tue, 03 Nov 2020 12:06:50 GMT
content-type: application/octet-stream
content-length: 14972
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/fbevents.js.download
66.29.140.111 200 OK 90 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/fbevents.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (64379)
Hash 61df3554472fe8057b5ae4537648d00d
125767dc32df57aa86a64801d9457923e378b397
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/fbevents.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "160a1-5f9feb16-1024c4;;;"
last-modified: Mon, 02 Nov 2020 11:18:46 GMT
content-type: application/octet-stream
content-length: 90273
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/css/toolkit.min.css
66.29.140.111 200 OK 51 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/css/toolkit.min.css
IP 66.29.140.111:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e4e50bdb8ffbf39f7a4ec9d2edcc470d
58358a28c3c6891b3a47dbcfee34f272c8756eb6
798a9da3503d437d40c5e2c9d6db6ddb981c385160df34d665131616364208d1
Analyzer Verdict Alert urlquery DynDNS domain detected
GET /acc/assets/css/toolkit.min.css HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "567bd-5f9feb18-102488;gz"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: text/css
content-length: 51420
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/js
66.29.140.111 200 OK 97 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/js
IP 66.29.140.111:0
File type ASCII text, with very long lines (2639)
Hash 67e765e44e7d18ed41711d7e4935bc50
0289b9754b56ba057550a7e7d62e0b3587e43f2d
e5973becebda7e91d869447913826e69cd123d87e1a6f2ddf8897d72a63a3c6c
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/js HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "17a7c-5fa147da-1024d2;;;"
last-modified: Tue, 03 Nov 2020 12:06:50 GMT
content-length: 96892
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/jquery-3.5.1.min.js.download
66.29.140.111 200 OK 90 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/jquery-3.5.1.min.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/jquery-3.5.1.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "15d84-5f9feb18-1024cf;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 89476
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/7a8ba97f
66.29.140.111 200 OK 33 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/7a8ba97f
IP 66.29.140.111:0
File type ASCII text, with very long lines (19024)
Hash af77eedae6083a5bd6f07cec713ab58d
2804fbe107e6af68bf7e2d39cfb176987e1fc9ad
06af35b557f7713851c46e61fd940a1dcf2381d6372582a63abc43dfdee46c33
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/7a8ba97f HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "805f-5f9feb1a-1024a6;;;"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-length: 32863
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download
66.29.140.111 200 OK 154 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (543)
Size 154 kB (154122 bytes)
Hash d33104f26092658d2becbbfa66e9d1fb
9c33f190903b2664af1f20b3a16ce2dca13d8a49
4249e4f7acbb2de46e66922b8ae70689820a9a6eb9a6f98a77d13190b7c2559e
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "25a0a-5f9feb18-1024a7;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 154122
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download
66.29.140.111 200 OK 182 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (1626)
Size 182 kB (182288 bytes)
Hash 227400e4070ac91189e80b05077abe20
714374d4c852c2058b1df7f4a6ff9f7acc164867
d42a94bdd0158c8df1d1ea4ae03da23f0007e9b6d5b38c05eb4797ffe90e1cf8
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "2c810-5f9feb18-1024e2;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 182288
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/inqChatLaunch10006663.js.download
66.29.140.111 200 OK 22 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/inqChatLaunch10006663.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (999)
Hash 1c9d96d3f228156fd7e9df9c531871d1
a118554b1208e30af4a0fef948c9566b8e7f4a94
648d971972fc0140127ab99989b3b55a28e8e3c2fcbf281390bbb7edf5000f26
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/inqChatLaunch10006663.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "5752-5fa147dc-1024cb;;;"
last-modified: Tue, 03 Nov 2020 12:06:52 GMT
content-type: application/octet-stream
content-length: 22354
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/Bootstrap.js.download
66.29.140.111 200 OK 226 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/Bootstrap.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (603)
Size 226 kB (225981 bytes)
Hash 8746e0eaa34beca77c5679a495ed1d3a
f8bc25c85508043935f3e63ff5cd1196c35762d6
83acf00ba4050132d8547daca62a4fca4670029aaa75b01c5e99179cbc6d4991
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/Bootstrap.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "372bd-5f9feb18-1024b4;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 225981
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/oo_engine.min.js.download
66.29.140.111 200 OK 46 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/oo_engine.min.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (45689), with no line terminators
Hash 3023bde795e4926691e3691ace0d9356
053c86b53ec7bca624cffc3f6321697d35a1c5d5
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/oo_engine.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "b279-5fa147dc-1024da;;;"
last-modified: Tue, 03 Nov 2020 12:06:52 GMT
content-type: application/octet-stream
content-length: 45689
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/outdated.min.js.download
66.29.140.111 200 OK 1.1 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/outdated.min.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (1083)
Hash bc854aab7af244173e4dc2ca2a8f471a
1f0444814fabf2d764af527d1718e376ca0c89c1
11a2b7d65804df37c5d5801da23212eddb8530ffb15a5b67d77a8ccdcb5b8199
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/outdated.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "47b-5f9feb1a-1024dd;;;"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-type: application/octet-stream
content-length: 1147
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/site-survey.min.js.download
66.29.140.111 200 OK 7.5 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/site-survey.min.js.download
IP 66.29.140.111:0
File type ASCII text, with very long lines (7496)
Hash 374ca92abaa98bc7b2f19fe64114a18b
4c0a1441026a9337d322d7ae5536df1427e5c140
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/site-survey.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "1d75-5fa147dc-1024e8;;;"
last-modified: Tue, 03 Nov 2020 12:06:52 GMT
content-type: application/octet-stream
content-length: 7541
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/toolkit.min.js.download
66.29.140.111 200 OK 462 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/toolkit.min.js.download
IP 66.29.140.111:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 462 kB (461456 bytes)
Hash 325f5dd8b44503ea1799409a40addb9e
3887ffbc86f01677d34cce7ac8839305e175e97a
dbe44f4b698a44798e63a0177f6283a2dff01335f142be72dccfedd66e91554e
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/toolkit.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "70a90-5f9feb18-1024ed;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 461456
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/06bebd2b36rn240c2a1532a26141a767
66.29.140.111 200 OK 72 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/06bebd2b36rn240c2a1532a26141a767
IP 66.29.140.111:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 335f2776eaf4ca7eca9953d2240c3316
5f5702f072d8e721dd3557ccd2a0944b3cc58fa5
ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
fortinet Phishing
GET /acc/assets/js/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
etag: "1194c-5f9feb1a-10249f;;;"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-length: 72012
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/img/lockup.svg
66.29.140.111 200 OK 1.4 kB URL HTTP/1.1 myhuntington.hopto.org/acc/assets/img/lockup.svg
IP 66.29.140.111:0
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3937), with CRLF line terminators
Hash 41f9c2b49c7545cfd8f1cecea7fb2f0d
3111210d97f702b6d8aaa6e4b75511f1941760ca
a895ca27867d5e0dc7344b12b4055d0e29dcee72314cf1f2acc5dfecbfaea35c
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc/assets/img/lockup.svg HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "f66-5fa00880-102497;gz"
last-modified: Mon, 02 Nov 2020 13:24:16 GMT
content-type: image/svg+xml
content-length: 1414
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/
66.29.140.111 404 Not Found 705 B URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/
IP 66.29.140.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc/assets/js/ HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/img/oo_icon_retina_black.gif
66.29.140.111 200 OK 552 B URL HTTP/1.1 myhuntington.hopto.org/acc/assets/img/oo_icon_retina_black.gif
IP 66.29.140.111:0
File type GIF image data, version 89a, 18 x 18\012- data
Hash 0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
GET /acc/assets/img/oo_icon_retina_black.gif HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "228-5fa025d8-102499;;;"
last-modified: Mon, 02 Nov 2020 15:29:28 GMT
content-type: image/gif
content-length: 552
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/img/EHL_Black_HouseOnly.svg
66.29.140.111 200 OK 362 B URL HTTP/1.1 myhuntington.hopto.org/acc/assets/img/EHL_Black_HouseOnly.svg
IP 66.29.140.111:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 154fab8e5b522f196f0ee37531af9c86
ebe3f81861334d969b43620e2637dd3357870aa0
9020cc818e67a2cbd69bbcef14df9e2bbe1af307f6311e7604ae15a26355f0e2
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc/assets/img/EHL_Black_HouseOnly.svg HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "2c3-5fa00880-102494;gz"
last-modified: Mon, 02 Nov 2020 13:24:16 GMT
content-type: image/svg+xml
content-length: 362
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/img/logo-honeycomb.svg
66.29.140.111 200 OK 435 B URL HTTP/1.1 myhuntington.hopto.org/acc/assets/img/logo-honeycomb.svg
IP 66.29.140.111:0
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (841), with no line terminators
Hash 1e8ab5050c6d9f1b254f92c9f9cb1842
4213f9baa531ca13becb8fac61701243474f9fc1
4d881d3e3a79ee19b069ba39938689bfca1f42c7fa47ecbe20fd2a390056e497
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc/assets/img/logo-honeycomb.svg HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "34c-5f9feb1a-102498;gz"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-type: image/svg+xml
content-length: 435
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive
myhuntington.hopto.org/acc/assets/js/nuanceChat.html
66.29.140.111 404 Not Found 705 B URL HTTP/1.1 myhuntington.hopto.org/acc/assets/js/nuanceChat.html
IP 66.29.140.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55
Analyzer Verdict Alert urlquery DynDNS domain detected
fortinet Phishing
GET /acc/assets/js/nuanceChat.html HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
www.googletagmanager.com/gtag/js?id=DC-8085313
142.250.74.168 302 Found 251 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=DC-8085313
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5330b68f600d5329a352e3b83a624e37
f098e2924dbe204685ef7b3a69d97f40bd3514d9
82667f1e0731a3710a54140b16300eacfe3e33b2e6cf84327dcf1a653ab6a683
GET /gtag/js?id=DC-8085313 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=DC-8085313
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-8085313
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-8085313
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash f898a049491e57ed4b179b6c86c61e8a
11f2ec5e6aa8a69e9cfe2835bb5dcd0932228687
0207c95057ca822a3081d1d124b0582db05854179cf820e36df49a94397d1d3d
GET /gtag/js?id=DC-8085313 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://myhuntington.hopto.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Thu, 10 Nov 2022 05:55:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 10 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
142.250.74.168 302 Found 287 B URL HTTP/1.1 www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 38911cae1d8fb0baaf10fbcc263920c9
5ebba50367e9da80eca247d0d7fd171a3d161fc5
1c535af9057c16bb8654d88ba03dfa76f47041316c6b78c332e56bd809a49f22
GET /gtag/destination?id=AW-849064376&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 287
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d2287b99358f20a1e966de644e530bbc
e786dd9ecd3fe89e0bd6946eb1ea3ca9e975abe9
53065f01a414b187d988bcca1a083a92779f008a21b28b3bb9fc55cc13b9dec1
GET /gtag/js?id=AW-849064376&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 211253e14e3774c27f057fd79c6f3297
117ffcb6132283d4854b262e6d7bf74dc93333a9
1f8edff0043067941ef114cc6d71502f1bfb8dd829a3a61723d6fffc484cd577
GET /gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash df9ee05cc140f619a69b770c388c33df
c07e052104e98a1176dd6512fc01b6075b4865a5
2d628f50fb563fcb6c30ad985277f59e0bdf4f240ecedfb3b1e5aa70aeae17d4
GET /gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9a5925fe9faff42cc8390efdc5e2eff8
39ca642317be780d118d5ff62197921098af3e08
7e8b8a5e18a9d993d5b47ac50b123a45aba9d25df045d0b833dc7e552eb7079f
GET /gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
34.242.179.188 200 OK 243 B URL HTTP/1.1 ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP 34.242.179.188:0
File type ASCII text, with very long lines (318)
Hash 41d98e9a26ab2d3d3826d66adb1789c5
cb423795ef1a4f764f3f2c9a6b281714a696afd5
3242c221dd72207b77e0e8c632263fe0a3568e2b7d660d982632889b47400803
GET /huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 10 Nov 2022 05:55:20 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 e38902d67e98c06c59b2b9295ce6ef04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB2-C1
X-Amz-Cf-Id: 16NTtTbnppV-xJMGE5ZCHLGvjaLnadME0MbLh9o9mfv0MpcrpLG0Rg==
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
8085313.fls.doubleclick.net/activityi;src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F?
142.250.74.70 200 OK 260 B URL HTTP/2 8085313.fls.doubleclick.net/activityi;src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (507), with no line terminators
Hash d730c9b4bc6e2e0fdfe87b46aaeb50bb
8daa31e194b77d4e557f0c1d43f2c3a77b95c492
3a94442f9685e6af00337c136a34ed75846e3d7f9cd10c920c81ecc4ee8c2b0b
GET /activityi;src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F? HTTP/1.1
Host: 8085313.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 260
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
34.242.179.188 200 OK 37 kB URL HTTP/1.1 ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
IP 34.242.179.188:0
File type ASCII text, with very long lines (557)
Hash d363e2d544838fc73e8e41bb25b48fdb
e432edce4eb2fa259a240c324aceb59384756fbf
f0657825ba17fbbfd5e6aa5d862a758d0fd3d4597ba59844b626ee5130af732d
GET /huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 25 Oct 2022 01:03:34 GMT
ETag: W/"5828bc2a2ceaa2961527eedaf4167b77"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 cc21ae933690a5b4513677425cfed23e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB2-C1
X-Amz-Cf-Id: D-IjaAAQOLicMO1qQpB9SDVlj0ngDUJqmNHwPpHZUzsj9B_p4aRJGQ==
Age: 946868
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767
66.29.140.111 404 Not Found 957 B URL HTTP/2 myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767
IP 66.29.140.111:0
Hash ce6f39b26062b0987e665f95929f4b97
87eef7ecaf63a29b90d0a56c612f0316281a2f50
5a795b4f1599450d7553576a11908d706f4b994c824bf4e81c60a292e22be33f
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /resources/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1382
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:21 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 537aa7c2d1d8b67db93e232c7a9ab923
a4a1d61c77923b71f5ba25de5602309b6af51eb7
f687556a931dc10c3b2304c619b6e5a901e48a5bb241f6d3a3ba6eaa29f92bf2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5587
Cache-Control: max-age=161831
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Etag: "636c519d-1d7"
Expires: Sat, 12 Nov 2022 02:52:32 GMT
Last-Modified: Thu, 10 Nov 2022 01:19:25 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767
66.29.140.111 404 Not Found 5.3 kB URL HTTP/2 myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767
IP 66.29.140.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14798), with CRLF, LF line terminators
Hash fcb71d9386de32aa8d307a1bb0be5a4a
6fc9dc3ce76b3fe07f7297904d3cd2d667fc32d1
a0d038f82586e6e423a9e2c2506f4592b757d3267e5f4cf42ee06d18d8637f0c
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /resources/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1168
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:21 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
104.84.152.56 200 OK 1.2 kB URL HTTP/2 www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP 104.84.152.56:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4339)
Hash 19ac7c952619cab53123eee38648d8bd
47e839324893deeef4e9f6b46dff135e1542dc9a
1a8ffa5f523a7a462b51616592473a2799bb0d687c1391d7d2ba3e5a58f95d78
GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 1249
cache-control: public, max-age=311309
expires: Sun, 13 Nov 2022 20:23:50 GMT
date: Thu, 10 Nov 2022 05:55:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
142.250.74.34 200 OK 262 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (506), with no line terminators
Hash ff899bb5414ac8ab10c73140f1390d4b
9aef25c619fa3fdd593a1aafe62321c0535c8316
b6ccbb1871053c952db863827d5dc6777b61668c64f3c9936dc9389b6adf617e
GET /ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8085313.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
142.250.74.34 200 OK 270 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (499), with no line terminators
Hash e5c443b0f11a0c2f55e552eeb3a2e6b8
b54422071fa912220fa21112e4184066d47c70a1
e5fd3652d30cbe20fa6370164335ea597d59ed3927e82741a917eee7ea01f8a1
GET /ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8085313.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
13.36.218.177 302 Found 0 B URL HTTP/1.1 metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Huntington
GET /b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: metrics.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 10 Nov 2022 05:55:21 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 09 Nov 2022 05:55:21 GMT
last-modified: Fri, 11 Nov 2022 05:55:21 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31B6492495653729-40000AE3F314CB2D[CE]; Path=/; Domain=huntington.com; Max-Age=63072000; Expires=Sat, 09 Nov 2024 05:55:55 GMT;
location: http://metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
34.242.179.188 204 No Content 0 B URL HTTP/1.1 ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP 34.242.179.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 c416f79611bca57dde019f04fe3cc36e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB2-C1
X-Amz-Cf-Id: aChayRCNFCuXD6A684JzX-Qu6G2TK8noZ7zrr-PQmhgwSP-dqe9W9w==
Age: 8328
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
142.250.74.168 302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 70c1096689fc71f2152ebe6c5c26cd78
06096e48d46a7e2cae7bc7a369ab729910f4473d
84dcca42231d9c3689703524bf60a2cca448645ee6559dbe43c9c0498efc391b
GET /gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
13.36.218.177 200 OK 43 B URL HTTP/1.1 metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP 13.36.218.177:0
File type GIF image data, version 89a, 2 x 2\012- data
Hash ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
GET /b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: metrics.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://myhuntington.hopto.org/
Connection: keep-alive
HTTP/1.1 200 OK
access-control-allow-origin: *
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Wed, 09 Nov 2022 05:55:21 GMT
last-modified: Fri, 11 Nov 2022 05:55:21 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31B6492494FAEA02-400012EC931C16C6[CE]; Path=/; Domain=huntington.com; Max-Age=63072000; Expires=Sat, 09 Nov 2024 05:55:55 GMT;
etag: 3582130975086903296-4619764046925403845
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
142.250.74.162 200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Thu, 10 Nov 2022 05:55:21 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
142.250.74.162 200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Thu, 10 Nov 2022 05:55:21 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
myhuntington.hopto.org/akam/11/pixel_7a8ba97f
66.29.140.111 404 Not Found 705 B URL HTTP/1.1 myhuntington.hopto.org/akam/11/pixel_7a8ba97f
IP 66.29.140.111:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55
Analyzer Verdict Alert urlquery DynDNS domain detected
POST /akam/11/pixel_7a8ba97f HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
x-dtpc: $59717020_368h9vNAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0
Content-Length: 2772
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq; _gcl_au=1.1.2104503373.1668059718
HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:21 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200 200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=20506ABF8C4461493D1D78E78D136009; domain=.bing.com; expires=Tue, 05-Dec-2023 05:55:21 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 54D262EC657A42DF8DDCB6783E0CA459 Ref B: OSL30EDGE0409 Ref C: 2022-11-10T05:55:21Z
Date: Thu, 10 Nov 2022 05:55:21 GMT
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c282fb89bdded9707f257751f23fc185
bfe872622a162e0afa35c9cd45742fba2fb15b13
3e66dbf4d736534ca78c1e386311a188e985a015e284a5659213b3b528e7cbc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1178
Cache-Control: max-age=120653
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Etag: "636bc1fc-1d7"
Expires: Fri, 11 Nov 2022 15:26:14 GMT
Last-Modified: Wed, 09 Nov 2022 15:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: rtm7RSeBTqcv3/pFCA2q/iq9r1uXFGpY7GcE8lyGTCmLFoytPLSx/7Wa6yprHoL0OT32kTvff4PDdM7I+vdXcw==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Thu, 10 Nov 2022 05:55:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 901 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1923), with no line terminators
Hash 13e5ad0febebb6049f55d9d5998db934
fecd4693bc8684caee52d35496d931c022fb3ff6
2ce5392060ddb7e699c30e8d9760cc818412d5e11b60b3f43c72bf8d858bfcd7
GET /pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 899 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1923), with no line terminators
Hash 74c0cb46d1cc0b23dc66192b87a878f5
7e076fba191e417d3714b202a57cfc522c3dbca1
4f9e73cd866adb1de7448fd5cb2b22089bebdfae347946a751fd7f13ecf88eb9
GET /pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 899
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 900 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1923), with no line terminators
Hash fd4ee9d5a3f1a2020faff54a464df23e
bbfc7e21da0efc7b2f962aaabc17b9eec283f93e
626f92232090607bafb3d2981065e40946a8c3d2f858e449db86781855f5ae45
GET /pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 900
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 900 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1921), with no line terminators
Hash 8dab9e7c9e94197284ee4205ba42e3a6
351a19e934cc0dda80bf612886712962f91b9758
49646b9cca1759049be1d3aeda3057acaea449c75ede9c09b8ee188b3dc10d8b
GET /pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 900
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/ytc.js
188.125.94.206 200 OK 5.9 kB IP 188.125.94.206:0
File type ASCII text, with very long lines (16553), with no line terminators
Hash 2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xrb3eRe8MxuxGLLv039i9W4uu93jp3Kd7wp2Sf89R6izQ7cTPEHjjakdaV1XLlBCwTF1Gx0gJhc=
x-amz-request-id: TWF50GVATAHWSXNH
date: Thu, 10 Nov 2022 05:20:34 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
etag: "6a624022b5d271dcefb070b0b6670abc-df"
age: 2089
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5067672&Ver=2&mid=30b336ec-8280-4bc7-bc03-401c3af46c72&sid=41331f4060bc11ed8dfb0bb63393a42a&vid=4133456060bc11ed8e47c9af81a79ef0&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1280&sh=1024&sc=24&evt=custom&rn=346184
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5067672&Ver=2&mid=30b336ec-8280-4bc7-bc03-401c3af46c72&sid=41331f4060bc11ed8dfb0bb63393a42a&vid=4133456060bc11ed8e47c9af81a79ef0&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1280&sh=1024&sc=24&evt=custom&rn=346184
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5067672&Ver=2&mid=30b336ec-8280-4bc7-bc03-401c3af46c72&sid=41331f4060bc11ed8dfb0bb63393a42a&vid=4133456060bc11ed8e47c9af81a79ef0&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1280&sh=1024&sc=24&evt=custom&rn=346184 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3E4455E8D17B6F230D3A47B0D08E6E8C; domain=.bing.com; expires=Tue, 05-Dec-2023 05:55:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 844C04FB70C3483895C4263D154F0A9C Ref B: OSL30EDGE0117 Ref C: 2022-11-10T05:55:21Z
date: Thu, 10 Nov 2022 05:55:21 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 902 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1923), with no line terminators
Hash 49590b4ec78343cdfcb095274ff4b2a8
140af1f8ceff58fc5225181dc4ef18a57baf84df
c770a622662d3b63c3519da43efb928f4736781ccd37309a410a269e2e868751
GET /pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 902
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c282fb89bdded9707f257751f23fc185
bfe872622a162e0afa35c9cd45742fba2fb15b13
3e66dbf4d736534ca78c1e386311a188e985a015e284a5659213b3b528e7cbc5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1179
Cache-Control: max-age=120653
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Etag: "636bc1fc-1d7"
Expires: Fri, 11 Nov 2022 15:26:15 GMT
Last-Modified: Wed, 09 Nov 2022 15:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 901 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1923), with no line terminators
Hash aa768b40353f6685f384f8e510e17e4d
2b84778b573bdd1963867ff5c0b19548cce1ae60
66e3bc42b2c8817930efd8a72b93d7217d14f241658a0fc568221f4779766f37
GET /pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34 200 OK 899 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (1923), with no line terminators
Hash d66befe9da021f59d26a552275f49233
3698aa90ab9acdb3180fe74412611852d40bec3b
44346f3a24840eb61e4fa6ab9466d7eaa8afd971b406e9ae7dea294db7a69b05
GET /pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 899
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
myhuntington.hopto.org/acc/assets/img/favicon-16x16.png
66.29.140.111 200 OK 629 B URL HTTP/1.1 myhuntington.hopto.org/acc/assets/img/favicon-16x16.png
IP 66.29.140.111:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b3edcae46fea41cde6b830ecfe7f89e4
f031fd0f0050d9601254e35eecb6d573585418f9
5c838bb93e9d85d3badb18e708a16a8287505922eada63ed4fb7495eaefb0a17
Analyzer Verdict Alert urlquery DynDNS domain detected
urlquery Phishing - Huntington
GET /acc/assets/img/favicon-16x16.png HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq; _gcl_au=1.1.2104503373.1668059718
HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:22 GMT
etag: "275-5f9fee52-102495;;;"
last-modified: Mon, 02 Nov 2020 11:32:34 GMT
content-type: image/png
content-length: 629
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:22 GMT
server: LiteSpeed
connection: Keep-Alive
www.google.no/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/5067672.js
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5067672.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5067672.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=2C2EE2DA99B46A313B9EF08298416B17; domain=.bing.com; expires=Tue, 05-Dec-2023 05:55:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9AC4C1B2637D4558BDE7B3F5B3C43458 Ref B: OSL30EDGE0117 Ref C: 2022-11-10T05:55:21Z
date: Thu, 10 Nov 2022 05:55:21 GMT
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=1&ipr=y
142.250.74.35 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sp.analytics.yahoo.com/sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&et=custom&ec=Visit&ea=Public&el=pub%3A%20mobile%20login&tagmgr=gtm%2Censighten
212.82.100.181 200 OK 0 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&et=custom&ec=Visit&ea=Public&el=pub%3A%20mobile%20login&tagmgr=gtm%2Censighten
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&et=custom&ec=Visit&ea=Public&el=pub%3A%20mobile%20login&tagmgr=gtm%2Censighten HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 05:55:22 GMT
expires: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBEqSbGMCENuXEphfsgyy3CPBowUv0csFEgEBAQHjbWN2YwAAAAAA_eMAAA&S=AQAAAnZMEbxpN5NHAnaHkRYqfz8; Expires=Fri, 10 Nov 2023 11:55:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2010%20Nov%202022%2005%3A55%3A18%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&tagmgr=gtm%2Censighten
212.82.100.181 200 OK 0 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2010%20Nov%202022%2005%3A55%3A18%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&tagmgr=gtm%2Censighten
IP 212.82.100.181:0
ASN #34010 Yahoo! UK Services Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sp.pl?a=10000&d=Thu%2C%2010%20Nov%202022%2005%3A55%3A18%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&tagmgr=gtm%2Censighten HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 10 Nov 2022 05:55:22 GMT
expires: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBEqSbGMCEC93fH-McB2x4Z5AnEUhCJYFEgEBAQHjbWN2YwAAAAAA_eMAAA&S=AQAAAmfkd8LTw9hzFtF-sbc2LXM; Expires=Fri, 10 Nov 2023 11:55:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=0&ipr=y
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210 200 OK 4.5 kB URL HTTP/1.1 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12826)
Hash 806d185619a4ef5951ab91810117e4ba
f40031c0ea5718f6d9a0a35e8ca60262daedc440
06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
HTTP/1.1 200 OK
Last-Modified: Wed, 09 Nov 2022 19:27:04 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=utf-8
X-EdgeConnect-MidMile-RTT: 16
X-EdgeConnect-Origin-MEX-Latency: 349
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86355
Date: Thu, 10 Nov 2022 05:55:22 GMT
Content-Length: 4530
Connection: keep-alive
X-CDN: AKAM
cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token
54.230.111.112 200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery Phishing - Huntington
OPTIONS /partner/291554/domain/myhuntington.hopto.org/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://myhuntington.hopto.org/
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 10 Nov 2022 05:16:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xBqPBFZJ-Bnysi2vJzjW601wxizzgTGTE6xFyPZEzTh23boOPq9e6Q==
age: 2333
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=121543311796381&ev=PageView&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718623&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=c0&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=121543311796381&ev=PageView&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718623&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=c0&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=121543311796381&ev=PageView&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718623&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=c0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Nov 2022 05:55:22 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=121543311796381&ev=ViewContent&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718625&cd[content_name]=pub%3A%20mobile%20login&cd[user]=undefined%7C&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=121543311796381&ev=ViewContent&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718625&cd[content_name]=pub%3A%20mobile%20login&cd[user]=undefined%7C&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=121543311796381&ev=ViewContent&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718625&cd[content_name]=pub%3A%20mobile%20login&cd[user]=undefined%7C&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Nov 2022 05:55:22 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
13.107.42.14 302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLKTjTXJYTFLAAAAYRgG3LiuwKoeB_WlDPm12R06V3Eku82Kr1ISaw496Bf8a9BOMKYH_lVWKADiw; Max-Age=2592000; Expires=Sat, 10 Dec 2022 05:55:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLh6M8ctvL_VgAAAYRgG3LizFIJGB3DkmnzT2EDPWr38BELrFCqbvZGReLhOPxvhcIXb5vTKdQ-acsOkFgpzw; Max-Age=2592000; Expires=Sat, 10 Dec 2022 05:55:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&6ed323c0-daed-4666-878e-f69e352a66aa"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 10-Nov-2023 05:55:22 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2414:u=1:x=1:i=1668059722:t=1668146122:v=2:sig=AQHDrPjV0sdUu4ro1Z5DsgGP1m1CuKP0"; Expires=Fri, 11 Nov 2022 05:55:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtF2s4qXnpbZ8H+75U1A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2AD48A79BA834B798CBC4C80417B5FE4 Ref B: OSL30EDGE0517 Ref C: 2022-11-10T05:55:22Z
date: Thu, 10 Nov 2022 05:55:22 GMT
content-length: 0
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue
13.107.42.14 302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://myhuntington.hopto.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&46053897-5a7d-47bc-813b-b8daa7441e44"; Domain=.linkedin.com; Expires=Fri, 10-Nov-2023 05:55:22 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202211100555226c2df49a-97bb-41a4-82c6-966ec317982dAQF1HCqhv9Mz6hqD--WUJti23wem5VQV"; Domain=.www.linkedin.com; Expires=Fri, 10-Nov-2023 05:55:22 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjgwNTk3MjI7MjswMjE0I0JQxtsfNvbT5hjNJ8TP7qezCl5y+S4thrUgzK4aXw==; Domain=.linkedin.com; Expires=Tue, 09 May 2023 05:55:22 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2428:u=1:x=1:i=1668059722:t=1668146122:v=2:sig=AQEfxPIvrgheVX7AoGb_uydy60o13KiV"; Expires=Fri, 11 Nov 2022 05:55:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtF2s63UaD3YCW63IBTg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BF29F16DF39C4D1CB87FC478747D8268 Ref B: OSL30EDGE0517 Ref C: 2022-11-10T05:55:22Z
date: Thu, 10 Nov 2022 05:55:22 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token
54.230.111.112 200 OK 86 kB URL HTTP/2 cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token
IP 54.230.111.112:0
File type JSON data, ASCII text, with very long lines (64435)
Hash c0d9d2303a9d715ab67ef49944b5457a
9751b4a0df974b0804d78919d9d57589386a8020
69ff7dc14557578f991f6b6c917f86c249212c4e18bd0d37b01e49c8f591066b
GET /partner/291554/domain/myhuntington.hopto.org/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 10 Nov 2022 05:16:31 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Aio_hV1168F13H0Fdkblv8Ew0vcANxHN9XmD-qfaH6DO_wAygx212Q==
age: 2331
X-Firefox-Spdy: h2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013
3.216.85.62 301 Moved Permanently 134 B URL HTTP/1.1 trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013
IP 3.216.85.62:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 10 Nov 2022 05:55:24 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://trk.clinch.co:443/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ee2f0fcc5031e4cc7d3176d81bef5a0
38245c687e8f8ebfb28293d59d7809f796344f96
458a65afa5bfb4fd4c65b46031eb357b3bac4e683fa7a224075358b450b8c290
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "458A65AFA5BFB4FD4C65B46031EB357B3BAC4E683FA7A224075358B450B8C290"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9688
Expires: Thu, 10 Nov 2022 08:36:53 GMT
Date: Thu, 10 Nov 2022 05:55:25 GMT
Connection: keep-alive
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F;visitID=NAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0;app=0bd76d7cc9264013;end=1
100.24.162.178 200 OK 28 B URL HTTP/1.1 mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F;visitID=NAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0;app=0bd76d7cc9264013;end=1
IP 100.24.162.178:0
File type ASCII text, with no line terminators
Hash b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028
POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F;visitID=NAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2330
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 05:55:25 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28
connect.facebook.net/signals/config/121543311796381?v=2.9.89&r=stable
31.13.72.12 200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/121543311796381?v=2.9.89&r=stable
IP 31.13.72.12:0
GET /signals/config/121543311796381?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: xv8n4co9DJxg+dEqBMJw7vlQvvaXbVcgbF0s3Q4CobdNpksny1SDEFR4mJb1A39+wyIAuUFQdks2OcFiNuL5Yw==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Thu, 10 Nov 2022 05:55:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2