Report - myhuntington.hopto.org/acc

Report Overview

Submitted URL
myhuntington.hopto.org/acc
IP
66.29.140.111
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-10 05:55:30
Access
Website Title
Final URL
Tags
None
urlquery detections
DynDNS domain detected
Phishing - Huntington
Phishing - Huntington

Detections

urlquery
68
Network Intrusion Detection
0
Threat Detection Systems
62

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
myhuntington.hopto.org	unknown			15 kB	1.8 MB	66.29.140.111
s.yimg.com	375	2012-05-21T00:45:00Z	2023-03-10T13:12:29Z	361 B	6.8 kB	188.125.94.206
ensighten.huntingtonbank.com	91425	2019-02-13T12:49:10Z	2023-03-08T05:39:31Z	1.5 kB	39 kB	34.242.179.188
trk.clinch.co	5423	2014-12-18T19:54:09Z	2023-03-10T11:01:17Z	527 B	472 B	3.216.85.62
mef957.dynatrace-managed.com	107553	2019-04-14T23:07:15Z	2023-03-08T05:39:35Z	644 B	167 B	100.24.162.178
www.linkedin.com	608	2015-06-18T18:10:03Z	2023-03-10T11:11:31Z	592 B	2.9 kB	13.107.42.14
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
adservice.google.com	76	2021-02-20T17:10:48Z	2023-03-10T15:48:12Z	1.4 kB	1.9 kB	142.250.74.34
snap.licdn.com	1044	2014-10-06T10:43:45Z	2023-03-10T10:16:19Z	306 B	4.9 kB	23.36.76.210
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	1.7 kB	4.0 kB	93.184.220.29
adservice.google.no	96969	2018-06-20T01:38:38Z	2023-03-10T05:19:42Z	1.3 kB	2.1 kB	142.250.74.162
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-10T05:15:22Z	803 B	30 kB	31.13.72.12
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-10T07:09:08Z	4.9 kB	5.3 kB	142.250.74.35
sp.analytics.yahoo.com	816	2014-01-31T21:48:24Z	2023-03-10T05:19:44Z	1.2 kB	1.8 kB	212.82.100.181
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	1.4 kB	698 B	31.13.72.36
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-10T11:11:31Z	479 B	1.4 kB	13.107.42.14
8085313.fls.doubleclick.net	unknown	2017-12-20T05:58:46Z	2022-12-17T11:54:58Z	685 B	1.2 kB	142.250.74.70
www.huntington.com	56151	2014-08-03T09:06:58Z	2023-03-08T05:39:31Z	460 B	1.9 kB	104.84.152.56
metrics.huntington.com	unknown	2022-07-03T15:23:49Z	2022-12-17T11:54:58Z	1.8 kB	2.0 kB	13.36.218.177
www.google.com	7	2015-05-10T13:11:19Z	2023-03-10T12:19:40Z	4.9 kB	5.3 kB	142.250.74.164
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	54.149.101.24
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	50 kB	34.120.237.76
cdn.linkedin.oribi.io	unknown	2022-10-19T16:36:39Z	2023-03-10T11:40:01Z	1.0 kB	87 kB	54.230.111.112
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.7 kB	7.1 kB	23.36.76.226
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	7.2 kB	15 kB	142.250.74.35
bat.bing.com	387	2014-04-08T11:23:16Z	2023-03-10T09:34:35Z	1.3 kB	13 kB	13.107.21.200
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T13:03:15Z	2.7 kB	49 kB	142.250.74.168
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-10T16:21:16Z	5.0 kB	13 kB	142.250.74.34

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-10	medium	myhuntington.hopto.org/acc	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-300.woff2	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Medium.woff2	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Bold.woff2	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Book.woff2	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-700.woff2	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-600.woff2	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/121543311796381	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/bat.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/ytc.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/fbevents.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/js	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/jquery-3.5.1.min.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/7a8ba97f	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/inqChatLaunch10006663.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/Bootstrap.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/oo_engine.min.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/outdated.min.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/site-survey.min.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/toolkit.min.js.download	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/06bebd2b36rn240c2a1532a26141a767	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/img/lockup.svg	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/img/EHL_Black_HouseOnly.svg	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/img/logo-honeycomb.svg	Phishing
2022-11-10	medium	myhuntington.hopto.org/acc/assets/js/nuanceChat.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (50)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 14:59:56 Times Seen37020986 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c	138 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 6582e0aaf8aaf25b67642e3316a81497 d45b7fb79a60aabf766c9582590f357a7394238f fa8133b5f790f6f9f91aa692bdc4399cccd2f77dd93969385a24159d8822ddea Loading...

	www.googletagmanager.com/gtag/js?id=DC-10701487	113 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=DC-10701487 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash fcc5a5a824a3b684c98181acac4cf404 689b20c2e62f63ae62777ba7e993e4f6799c2dda 23a10864309abf0f9e9ee3c77e6ce0217d305db67f71f36bbf9964a099b6582d Loading...

	myhuntington.hopto.org/acc/assets/js/fbevents.js.download	90 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/fbevents.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:33 Last Seen2024-04-08 20:09:58 Times Seen98 Hash 61df3554472fe8057b5ae4537648d00d 125767dc32df57aa86a64801d9457923e378b397 e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca Loading...

	myhuntington.hopto.org/acc/assets/js/ytc.js.download	15 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/ytc.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen251 Hash 49db10c8315384e8dad2e92a6841ed81 f576976a579cd50da6b717db5d48e1ea7137f744 63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478 Loading...

	myhuntington.hopto.org/acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download	154 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen196 Hash d33104f26092658d2becbbfa66e9d1fb 9c33f190903b2664af1f20b3a16ce2dca13d8a49 4249e4f7acbb2de46e66922b8ae70689820a9a6eb9a6f98a77d13190b7c2559e Loading...

	myhuntington.hopto.org/acc/	26 B	2023-03-07	2024-04-23
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-23 09:11:05 Times Seen19634 Hash 339aaaa033bd435bc3d3442976b21150 309497f761b4649d113688cb611242810ed2a8bc 47536a23eb95f0f1d8f00b6ef54ac4553cc05d06ddce49260dab7dc9f083296d Loading...

	myhuntington.hopto.org/acc/	482 B	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen54 Hash 30092b66bd92ab05d4da2dbf5e412263 5e7611ebcec6a5b90317d3cc2d30f47c80dfb87a 19e22d179543fb3fc0d5dcc8502f6fbec83d3422090578ce035173b297fa6620 Loading...

	www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c	137 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 8e9b845549b3b7b392fdad5accc9fb14 de78efd9babe2c501bf9ac68c995ee2029027c57 bbda84cf211cb3ea530fb0e636edaedf86bf1421e505cb1af94739b7a6c5b60f Loading...

	bat.bing.com/bat.js	39 kB	2023-03-07	2023-08-25
Pretty URL bat.bing.com/bat.js IP 13.107.21.200 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2023-08-25 07:33:07 Times Seen42 Hash 16911c194f6e9313655f07c4eb9d8737 d39ccfa8c6d785af331afafe9e36336031f41b64 30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7 Loading...

	connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 09:15:02 Last Seen2023-03-11 10:30:39 Times Seen1 Hash c3c13ec4f3edc4a44ef832e3d5d0d7c7 f285423f93b15a5d1978074b77297c351f0bc8a1 f456d84479bfd2aad84b3acf46e06ae8d72ef17bdf47b5ca53255029dc9f6848 Loading...

	www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c	137 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 87872c856bd8f22bde0f2dfd55411205 c0b3258df9e3ea51357b9a5f3706133be46d032e 4035c3af3d398fd22d4048dbb47d17ae4bc87925020320a501b3b7ecdc546c26 Loading...

	cdn.clinch.co/a_js/client_pixels/clq/script.min.js	15 kB	2023-03-08	2023-09-14
Pretty URL cdn.clinch.co/a_js/client_pixels/clq/script.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:58 Times Seen111 Hash c12dd0f8c53c6d8f8a5c845a2f892307 5e880be41d047f1b7754e93e8a44347d28482702 b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 27f76bd3b61263b42cbb9c891f76afeb 26adc67e94512168710f0a1d5d583b979b485110 78f763432db1f1a6e398d1f905728cff896306c383cd97a813330beb8ecde24e Loading...

	myhuntington.hopto.org/acc/assets/js/121543311796381	21 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/121543311796381 IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen87 Hash e3bf3fa0a912c14bfe1c0b7282fbfa8a 96b0a4a037c23ce2e7bc90c146610c473549665a 1358a42f383b6e651d8412fbd5ab4c3e89b8c427d325815783e78d00d95e4138 Loading...

	myhuntington.hopto.org/acc/assets/js/site-survey.min.js.download	7.5 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/site-survey.min.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen286 Hash 374ca92abaa98bc7b2f19fe64114a18b 4c0a1441026a9337d322d7ae5536df1427e5c140 7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806 Loading...

	myhuntington.hopto.org/acc/assets/js/06bebd2b36rn240c2a1532a26141a767	72 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/06bebd2b36rn240c2a1532a26141a767 IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:41 Last Seen2024-04-08 20:09:58 Times Seen386 Hash 335f2776eaf4ca7eca9953d2240c3316 5f5702f072d8e721dd3557ccd2a0944b3cc58fa5 ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5 Loading...

	myhuntington.hopto.org/acc/	26 B	2023-03-07	2024-04-23
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-23 09:11:05 Times Seen19636 Hash 8cf91652fc7787b535b26f390f9ed9af d39e49793059ab3b8a97b61bac69ad2a451c8ff2 f876a7b1e6234843f5d8487af055addd42fe6018d4f4e2f29ab08c0f08a85d94 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-10	2023-10-31
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 17:19:33 Last Seen2023-10-31 18:18:05 Times Seen6 Hash 8938d4fc65afd3422bf533482ca33a53 2d92351d88fc6fd59cdac7d801753ac64ba52277 f896040524443394b8b1ba4fbd1de94be74378ab901e53b3b40c1323d1735143 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 47c41c493dc499f81e8efddb8f602911 765b6500e2ff34d7955ece13575bb7ff06da0584 f0bab960e3265061bafd01d924b32ac2a8ec15408c418f3654d8bea722a1725d Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash d7be42e03eaf40483416c8ae3d22a4c0 108e62ac16d24682ef007d18b00e00254d811248 e9bc0c6ea8297201c2116787c9ba9637513c45059543955271758499482ff0ec Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 50b9d37aedc082943684bdd199810448 0ddd9ffab0bce2d45f11d032c09e7d0eade80f52 925db6485ee4cc0dcee7a713cb820255683f3173c212cb4aeb20adf54c8dd63c Loading...

	myhuntington.hopto.org/acc/assets/js/7a8ba97f	33 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/7a8ba97f IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen66 Hash af77eedae6083a5bd6f07cec713ab58d 2804fbe107e6af68bf7e2d39cfb176987e1fc9ad 06af35b557f7713851c46e61fd940a1dcf2381d6372582a63abc43dfdee46c33 Loading...

	myhuntington.hopto.org/acc/assets/js/toolkit.min.js.download	462 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/toolkit.min.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen81 Hash 325f5dd8b44503ea1799409a40addb9e 3887ffbc86f01677d34cce7ac8839305e175e97a dbe44f4b698a44798e63a0177f6283a2dff01335f142be72dccfedd66e91554e Loading...

	myhuntington.hopto.org/acc/	26 B	2023-03-07	2024-04-23
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-23 09:11:06 Times Seen19632 Hash 91e37f24be76111b93a0ff728b96cddb e1740ea479e156d424cb918060d779528ecc8fae 49ef43da1c84ec34b398aaab43e8debad168559596297c7586e9c9e8239c79bf Loading...

	ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774	145 kB	2023-03-08	2023-09-14
Pretty URL ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 IP 34.242.179.188 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:59 Times Seen150 Hash 5828bc2a2ceaa2961527eedaf4167b77 166d54624e012273fa58054d82c8148435c6f51f d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-13
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:42 Last Seen2023-03-13 04:47:26 Times Seen1 Hash ccebe282ded746fbb6ea21ac6a200a36 75bb7beb33754f5a6fc3bee95674aef319613501 9549e9deeeab6d3a9f6ab1347e1b859fd5791cec82ff1a4175757c28b3df78e7 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash fb4013ac84d983525f627ef00baad0c1 c901bb9f64b006530772f5d970507e22f926ef32 51e56b2b776112a482c0f40ea430a92fc85910baa073620464079e578fced963 Loading...

	myhuntington.hopto.org/acc/assets/js/oo_engine.min.js.download	46 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/oo_engine.min.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen402 Hash 3023bde795e4926691e3691ace0d9356 053c86b53ec7bca624cffc3f6321697d35a1c5d5 1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5 Loading...

	myhuntington.hopto.org/acc/assets/js/js	97 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/js IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:40 Last Seen2024-04-08 20:09:58 Times Seen87 Hash 67e765e44e7d18ed41711d7e4935bc50 0289b9754b56ba057550a7e7d62e0b3587e43f2d e5973becebda7e91d869447913826e69cd123d87e1a6f2ddf8897d72a63a3c6c Loading...

	myhuntington.hopto.org/acc/	26 B	2023-03-07	2024-04-23
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-23 09:11:05 Times Seen19634 Hash 0096b3a75c132c10f6a90df56192e4d7 07cfa420d654e1531d97a9dccd23f4bede5edde7 7e519b79026424c478dc1b72f347eb1327c9d01dc2458973bafe2690ca7d016d Loading...

	www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c	137 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 32340eadaed69850d6c87fb2e3f74005 634690a47f028f89dc222fa666325d05881e6ec5 ac0c9f91eb6226752c9fc799ad34f0a0f86a41344ca357dd71e8121c9fd9d3a8 Loading...

	myhuntington.hopto.org/acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download	182 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23:04 Last Seen2024-04-08 20:09:58 Times Seen94 Hash 227400e4070ac91189e80b05077abe20 714374d4c852c2058b1df7f4a6ff9f7acc164867 d42a94bdd0158c8df1d1ea4ae03da23f0007e9b6d5b38c05eb4797ffe90e1cf8 Loading...

	myhuntington.hopto.org/acc/	33 B	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen39 Hash 9671cdd78be44428a6396c3962992821 956a083d2f430a50e7193ca9cfc72b8ba11407c1 c786cc12c5317c364317a10c584eb7bff7e321c5e38d0d121d35801f2f3b89f3 Loading...

	www.googletagmanager.com/gtag/js?id=DC-8085313	113 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=DC-8085313 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 051675c30699a44fae9e36ebcf811f24 bb7e0a74039145948e2038903500828600ae098c 05a29bcf1422af17e75f2dc6a0b8d2fdcdbd1dc45f144c336ea661777a163fbf Loading...

	ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F	319 B	2023-03-11	2023-03-11
Pretty URL ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F IP 34.242.179.188 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash eb8b30885b743d125c0cc5bec620d1d4 ba2b9c3c500a712f50a8c86ee8e91d1a1149165b 46d1f912f5c981060bd195c78223a6e582f7373c7a6f5ac4b980825d6e0c2d2e Loading...

	connect.facebook.net/signals/config/121543311796381?v=2.9.89&r=stable	26 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/121543311796381?v=2.9.89&r=stable IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 7e95176ae0bdb6f55443c92f9a81451f b58bf1c545da3445de13325a99bfb638213232f0 b8ee2509588234a51123173dd27811304652b8de589633db6015bc31c51cfc2b Loading...

	myhuntington.hopto.org/acc/assets/js/bat.js.download	28 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/bat.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2024-04-08 20:09:58 Times Seen222 Hash f07693f6368c988acd20de4362479103 d04355e119fac2c9104c4fe98015e22f3f181d93 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515 Loading...

	myhuntington.hopto.org/acc/	26 B	2023-03-07	2024-04-23
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-04-23 09:11:05 Times Seen19638 Hash 813f7afe12806d2df1c685b53ab49c0e 8ebc2ee97e18dd336b670b53dbccdfb8788a5825 ab008176ac77145e392d8392787e81c90c2592a54b1590d8779c74f956c0e46a Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.206 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 007140c65aff0d70476a81aa1e02d060 b4999a66a80823d8d70dec34a5807c4de535f121 3140f5c90f991455d9d84479d1c48ffe14cbbd9a641189cd077383fa37298261 Loading...

	myhuntington.hopto.org/acc/	149 B	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/ IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen54 Hash ac7f43c44fed4cf6e09d96b5a4357066 8e27fa7a539f5061bddf860541196d42c3655295 1a942a06f7da3702b3aba558359f26651da850132325b59469c65476655d3443 Loading...

	www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c	183 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 4f907a1941894dcb25aaca42710aeb05 322aee2939f47c240dc7401dab926ab23ef3d576 7ca847fab880230b3bbee763e32e6cfe1319bc39597ef3f1cbf71c0ea321ac0b Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4	1.9 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 10:08:14 Last Seen2023-03-11 10:08:14 Times Seen1 Hash 0960319a0e3b753ba3e315529bd039e0 3acae074915f91bfb429e2d25b48319a3c8bede4 4f2cf888debde604ce0c2503d11e6c04b5bb3638f2ffa0a83787450b27611d35 Loading...

	myhuntington.hopto.org/acc/assets/js/jquery-3.5.1.min.js.download	90 kB	2023-03-07	2024-04-23
Pretty URL myhuntington.hopto.org/acc/assets/js/jquery-3.5.1.min.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-23 14:06:06 Times Seen138794 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	myhuntington.hopto.org/acc/assets/js/inqChatLaunch10006663.js.download	22 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/inqChatLaunch10006663.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen93 Hash 1c9d96d3f228156fd7e9df9c531871d1 a118554b1208e30af4a0fef948c9566b8e7f4a94 648d971972fc0140127ab99989b3b55a28e8e3c2fcbf281390bbb7edf5000f26 Loading...

	myhuntington.hopto.org/acc/assets/js/Bootstrap.js.download	226 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/Bootstrap.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen177 Hash 8746e0eaa34beca77c5679a495ed1d3a f8bc25c85508043935f3e63ff5cd1196c35762d6 83acf00ba4050132d8547daca62a4fca4670029aaa75b01c5e99179cbc6d4991 Loading...

	myhuntington.hopto.org/acc/assets/js/outdated.min.js.download	1.1 kB	2023-03-07	2024-04-08
Pretty URL myhuntington.hopto.org/acc/assets/js/outdated.min.js.download IP 66.29.140.111 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen89 Hash bc854aab7af244173e4dc2ca2a8f471a 1f0444814fabf2d764af527d1718e376ca0c89c1 11a2b7d65804df37c5d5801da23212eddb8530ffb15a5b67d77a8ccdcb5b8199 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b2c2041f8d99c45e0f21474fe4f8b7bc	17 B	2023-03-07	2024-04-22
Pretty Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-22 18:55:53 Times Seen7444 Hash b2c2041f8d99c45e0f21474fe4f8b7bc 0b876666393469c726a2e3edbb29544c03a92154 17f5bfdbae6b35ae8bc3b27c069526d694021fe1e37a8027678e770fbb05e061 Loading...

	#2 Eval - abd82b106990079cf29b61ea719db04a	68 kB	2023-03-08	2023-12-16
Pretty Observations First Seen2023-03-08 02:01:46 Last Seen2023-12-16 16:32:32 Times Seen4 Hash abd82b106990079cf29b61ea719db04a d5eafd458e323c56cd050a262165cf698ed3af43 8c1755cee44235760489dc2078c303ed5dad2aef0bf717564c684c3196a9a6cd Loading...

HTTP Transactions (138)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9414
Expires: Thu, 10 Nov 2022 08:32:11 GMT
Date: Thu, 10 Nov 2022 05:55:17 GMT
Connection: keep-alive

myhuntington.hopto.org/acc

66.29.140.111

301 Moved Permanently

449 B

URL HTTP/1.1
myhuntington.hopto.org/acc
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
449 B (449 bytes)
Hash
81b86344e90d8d322dab8353036efd50
befcfa244bee748f35c94f45a65ef754fdad3fc2
86f19cb22656df46165dd8ad27285900b450fa09a030c8e7c53cb62839772116

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
content-type: text/html
date: Thu, 10 Nov 2022 05:55:17 GMT
server: LiteSpeed
location: http://myhuntington.hopto.org/acc/
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
4c6e4047ec266b87485610e26a85bb6f
cd543757597609d7309d02652318359078a965c2
d8aff7a24f3274782b4f41d6dbd181ba817f5a562d992a3a82966481c91f8a90

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4453
Cache-Control: max-age=107400
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:17 GMT
Etag: "636b8168-1d7"
Expires: Fri, 11 Nov 2022 11:45:17 GMT
Last-Modified: Wed, 09 Nov 2022 10:31:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b57492bf85f4ae6abbd1641b17dc9ab
008e71ec05d47bf025ca64e17da2ea1bd8e71111
17894427c471f7fa02ca274795dc55df1bfc99d7bd83f9ee36249394035110fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16999
Expires: Thu, 10 Nov 2022 10:38:36 GMT
Date: Thu, 10 Nov 2022 05:55:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xP9RoWUVwFkkO2aD2os3ztpiP+LxSkgXIwFtLOL2oPCJCFTC2EtwDlntPVP0vrI+HBGc4fORkGw=
x-amz-request-id: 7PN16WQWGBVDWXWT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 10 Nov 2022 05:12:01 GMT
age: 2596
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 10 Nov 2022 05:55:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c59d06092401e375df491b06ee8e6dbc
2e27b8ff7c08a5349e27969bc2a08e5e19d0c1da
23ee4ab633fcf67dc5d4d1931450e365cec8d436ef1f9ba5f46b6bab974724c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3132
Cache-Control: max-age=101023
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:18 GMT
Etag: "636b6da9-1d7"
Expires: Fri, 11 Nov 2022 09:59:01 GMT
Last-Modified: Wed, 09 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.149.101.24

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.101.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iDaK1tfeJiCpOb+TBvsmPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SzXQbwU4VuV4iIQnWsJmTz2fSdQ=

myhuntington.hopto.org/acc/

66.29.140.111

200 OK

27 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3686)
Size
27 kB (26897 bytes)
Hash
e3adc4f97e2071f3012c3e722e741842
e710beb6dd0ff86781faea74614c863484a3f348
923c5f101b7cee800595b26560ae9a68aaf2413062aaf76953d5560fdf43dd14

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc/ HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
set-cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
content-length: 26897
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/css/site-survey.min.css

66.29.140.111

200 OK

1.1 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/css/site-survey.min.css
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4339)
Size
1.1 kB (1129 bytes)
Hash
c97510fa2447d28179e86c812f2892bd
d4155ed2082d208adf94015e89d43bc21298c0c8
add0f1dac2edc2fc4763afcbb2b339ea2915caec1042da78d3d1d92057901681

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /acc/assets/css/site-survey.min.css HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "1124-5fa01cfa-102484;gz"
last-modified: Mon, 02 Nov 2020 14:51:38 GMT
content-type: text/css
content-length: 1129
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-300.woff2

66.29.140.111

200 OK

17 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-300.woff2
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 16872, version 1.0\012- data
Size
17 kB (16872 bytes)
Hash
3d9d9afae68fc95977ec200c119c42a1
2b44b2f5ec04f2f06fd28c9041fb8fa582ab8fcc
f43ea36b900ae7aa4ec07956e9b1223ab00dac1f766d97580b1e2bfe721cdc24

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "41e8-5f9fecf6-10248f;;;"
last-modified: Mon, 02 Nov 2020 11:26:46 GMT
content-type: font/woff2
content-length: 16872
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4959
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 05:55:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4959
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 05:55:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4959
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 05:55:19 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4959
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 05:55:19 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9283 bytes)
Hash
a929256680885031f55121c35d626bcc
9caf2466f70995d5763b970f916c4944b364a4ff
9366db1c171fe9dae5946198415c9a02005a432fccd359896f94bce874c91027

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1301540a-8618-4725-97e7-ac03773f7ed0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9283
x-amzn-requestid: c800cccd-80cc-4cd6-8856-66cfd07141c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWmC2HnpIAMF3kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1d45-686eac2b6c65b8dd41dfb44a;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:36:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2SqQjq27y6Vrwzl9a_ho6sOPImE7Fpbyxie8_fuPGa6bf8fn-yX0Jw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:13:45 GMT
age: 27694
etag: "9caf2466f70995d5763b970f916c4944b364a4ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4959
Expires: Thu, 10 Nov 2022 07:17:58 GMT
Date: Thu, 10 Nov 2022 05:55:19 GMT
Connection: keep-alive

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7723 bytes)
Hash
8c2db9097ad95b726c65a3130483daf7
2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79
1da5e63e7a3e837c758bb365e5e99e6dfb6c54e9b2fe038c3eb1334a86dc4d74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F790db4df-e6d4-48ab-92fb-179a770f76b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7723
x-amzn-requestid: 1e07419e-8cd6-43d6-b0bb-61183502ee40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlpGHFKIAMFUUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1ca0-751c8b152ea5c28f5a78bf46;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: BXdwO74rhbF9575IFRz-DNbcEFNiX7JiCtsvghmUE8zOju0eyuFjow==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 22:16:00 GMT
etag: "2b6dbe326a49e03a0f8d1a5d15930fd7870f6f79"
content-type: image/jpeg
age: 27559
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11316 bytes)
Hash
848af62ec10d0c297922f8600b6ad12d
4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d
a3b4eb6768259876819d7e6c7ac9e21c603d54f60bf70ed077cb820711e2ae74

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b66f592-618a-4463-834d-ff9bbe8866ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11316
x-amzn-requestid: 8456b25a-b87f-490d-86b3-fb217afea082
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWlniESaIAMF3Qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c96-30ed3b0972418bae4700edc8;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: paNICiysr9pIOxtqOqjnIOValYbM8InQZ9SmEOUIJirFQd03IN6eRw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:43:10 GMT
age: 29529
etag: "4eadbf5f0dade92dcc6d68c8ebb70898aadb9a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.4 kB (3445 bytes)
Hash
178b1b5efcd0c5997d0e5b820193abe2
460630852800c0304295c78df268bfec64416f98
9822d2ef4199dcc01f81a8e6d3a91d9545466c17abfca4eb30e0a49ca8301da6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F407f630c-7642-40eb-8db3-288b03315712.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3445
x-amzn-requestid: 92b5ba7a-e45a-495c-89ae-9738fd5644bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bWloyHMpoAMF-Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636c1c9e-5508b96c349a34537809ef0e;Sampled=0
x-amzn-remapped-date: Wed, 09 Nov 2022 21:33:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3-XU3AO60wbMDZcPshBPHvxEFAQHVs7-dlg52BfbxkSlDAEx9kaeeg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 21:50:01 GMT
age: 29118
etag: "460630852800c0304295c78df268bfec64416f98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9082 bytes)
Hash
7fa2648bda72248fd56cf98d3b2210b7
d10647bb2b9705edbbb21ddd7092404fff8b1491
a89679ead6f90b21f7d020911ca809686ea17d8c15e62e645462a5ee675a5c2b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ff77ae1-0bc8-4557-a572-f76f4061cd8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9082
x-amzn-requestid: f5e67e88-d5ef-4f68-86f9-f59f85eeb751
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOAwmFdrIAMFuRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368ae6a-38bc67d714f60c1f5e0f007c;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:06:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hLaLpJKOvpvEw974yp7tKSP6ynnzRbAIP0hyH03CJTHT4MikDu9QRg==
via: 1.1 f4ae8c7714a9bd89828bad25fc96be24.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:32:50 GMT
age: 73349
etag: "d10647bb2b9705edbbb21ddd7092404fff8b1491"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3181 bytes)
Hash
2dcde51bc367052b5d4566f2e99cef9a
0481ae2ec1c61273232fb22fc2a78d6e0d2048d6
303700c24ab524cd55bf4924e1c8032708df4498032232082b5321ac075461b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c75dde9-2bef-4822-a6fb-e0589a3fab63.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3181
x-amzn-requestid: 497229d6-6e60-4a06-840e-760b26d0400f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOA7hEDYoAMFXmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368aeaf-79a19c2f615ee65534b23b77;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:07:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: x6ry-81sAws-TsvlqOQMD5laeUR1hfK9d_N507AgFU5AepaF_rq5Mg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 09:40:13 GMT
age: 72906
etag: "0481ae2ec1c61273232fb22fc2a78d6e0d2048d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Medium.woff2

66.29.140.111

200 OK

20 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Medium.woff2
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Size
20 kB (19976 bytes)
Hash
3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "4e08-5f9fef8a-10248d;;;"
last-modified: Mon, 02 Nov 2020 11:37:46 GMT
content-type: font/woff2
content-length: 19976
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Bold.woff2

66.29.140.111

200 OK

20 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Bold.woff2
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Size
20 kB (19712 bytes)
Hash
ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "4d00-5f9fecb8-10248b;;;"
last-modified: Mon, 02 Nov 2020 11:25:44 GMT
content-type: font/woff2
content-length: 19712
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Book.woff2

66.29.140.111

200 OK

21 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-Book.woff2
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Size
21 kB (20592 bytes)
Hash
a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "5070-5f9feccc-10248c;;;"
last-modified: Mon, 02 Nov 2020 11:26:04 GMT
content-type: font/woff2
content-length: 20592
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2

66.29.140.111

200 OK

19 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Size
19 kB (18636 bytes)
Hash
6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "48cc-5f9fecd8-10248e;;;"
last-modified: Mon, 02 Nov 2020 11:26:16 GMT
content-type: font/woff2
content-length: 18636
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-700.woff2

66.29.140.111

200 OK

17 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-700.woff2
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 17128, version 1.0\012- data
Size
17 kB (17128 bytes)
Hash
8f65fa68cfb5d8cc4f4fa728a470332b
62b57f937d710caae3ee52435ba0c408e8653c43
34f3c7445d22c1509aeecc5d020b6d24c9e2f63b3c0514cebbc3813798965273

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "42e8-5f9fece8-102491;;;"
last-modified: Mon, 02 Nov 2020 11:26:32 GMT
content-type: font/woff2
content-length: 17128
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-600.woff2

66.29.140.111

200 OK

17 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/fonts/muli-v11-latin-600.woff2
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 17080, version 1.0\012- data
Size
17 kB (17080 bytes)
Hash
b6e5b86d74352699fff02e4bdc5185e5
f01de24cfaf2f20e715e4d49023fcb19b1a62d1d
d09bb7e3de3760ca1d9375090796e4f1cf180f43c6457a874ed22c3b0a0b07ea

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:19 GMT
etag: "42b8-5f9fed02-102490;;;"
last-modified: Mon, 02 Nov 2020 11:26:58 GMT
content-type: font/woff2
content-length: 17080
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/

66.29.140.111

404 Not Found

705 B

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
705 B (705 bytes)
Hash
bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/ HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/121543311796381

66.29.140.111

200 OK

21 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/121543311796381
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6957)
Size
21 kB (21019 bytes)
Hash
e3bf3fa0a912c14bfe1c0b7282fbfa8a
96b0a4a037c23ce2e7bc90c146610c473549665a
1358a42f383b6e651d8412fbd5ab4c3e89b8c427d325815783e78d00d95e4138

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/121543311796381 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "521b-5f9feb16-1024a0;;;"
last-modified: Mon, 02 Nov 2020 11:18:46 GMT
content-length: 21019
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/bat.js.download

66.29.140.111

200 OK

28 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/bat.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (28050), with no line terminators
Size
28 kB (28050 bytes)
Hash
f07693f6368c988acd20de4362479103
d04355e119fac2c9104c4fe98015e22f3f181d93
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/bat.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "6d92-5fa147da-1024b2;;;"
last-modified: Tue, 03 Nov 2020 12:06:50 GMT
content-type: application/octet-stream
content-length: 28050
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/ytc.js.download

66.29.140.111

200 OK

15 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/ytc.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (14972), with no line terminators
Size
15 kB (14972 bytes)
Hash
49db10c8315384e8dad2e92a6841ed81
f576976a579cd50da6b717db5d48e1ea7137f744
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/ytc.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "3a7c-5fa147da-1024ef;;;"
last-modified: Tue, 03 Nov 2020 12:06:50 GMT
content-type: application/octet-stream
content-length: 14972
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/fbevents.js.download

66.29.140.111

200 OK

90 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/fbevents.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (64379)
Size
90 kB (90273 bytes)
Hash
61df3554472fe8057b5ae4537648d00d
125767dc32df57aa86a64801d9457923e378b397
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/fbevents.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "160a1-5f9feb16-1024c4;;;"
last-modified: Mon, 02 Nov 2020 11:18:46 GMT
content-type: application/octet-stream
content-length: 90273
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/css/toolkit.min.css

66.29.140.111

200 OK

51 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/css/toolkit.min.css
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
51 kB (51420 bytes)
Hash
e4e50bdb8ffbf39f7a4ec9d2edcc470d
58358a28c3c6891b3a47dbcfee34f272c8756eb6
798a9da3503d437d40c5e2c9d6db6ddb981c385160df34d665131616364208d1

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

GET /acc/assets/css/toolkit.min.css HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "567bd-5f9feb18-102488;gz"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: text/css
content-length: 51420
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/js

66.29.140.111

200 OK

97 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/js
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2639)
Size
97 kB (96892 bytes)
Hash
67e765e44e7d18ed41711d7e4935bc50
0289b9754b56ba057550a7e7d62e0b3587e43f2d
e5973becebda7e91d869447913826e69cd123d87e1a6f2ddf8897d72a63a3c6c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/js HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "17a7c-5fa147da-1024d2;;;"
last-modified: Tue, 03 Nov 2020 12:06:50 GMT
content-length: 96892
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/jquery-3.5.1.min.js.download

66.29.140.111

200 OK

90 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/jquery-3.5.1.min.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/jquery-3.5.1.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "15d84-5f9feb18-1024cf;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 89476
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/7a8ba97f

66.29.140.111

200 OK

33 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/7a8ba97f
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19024)
Size
33 kB (32863 bytes)
Hash
af77eedae6083a5bd6f07cec713ab58d
2804fbe107e6af68bf7e2d39cfb176987e1fc9ad
06af35b557f7713851c46e61fd940a1dcf2381d6372582a63abc43dfdee46c33

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/7a8ba97f HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "805f-5f9feb1a-1024a6;;;"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-length: 32863
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download

66.29.140.111

200 OK

154 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (543)
Size
154 kB (154122 bytes)
Hash
d33104f26092658d2becbbfa66e9d1fb
9c33f190903b2664af1f20b3a16ce2dca13d8a49
4249e4f7acbb2de46e66922b8ae70689820a9a6eb9a6f98a77d13190b7c2559e

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/95b0da5c7fc415e06807cc694ee0021c.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "25a0a-5f9feb18-1024a7;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 154122
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download

66.29.140.111

200 OK

182 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1626)
Size
182 kB (182288 bytes)
Hash
227400e4070ac91189e80b05077abe20
714374d4c852c2058b1df7f4a6ff9f7acc164867
d42a94bdd0158c8df1d1ea4ae03da23f0007e9b6d5b38c05eb4797ffe90e1cf8

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/ruxitagentjs_ICA27SVfjoqrux_10197200831173448.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "2c810-5f9feb18-1024e2;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 182288
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:19 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/inqChatLaunch10006663.js.download

66.29.140.111

200 OK

22 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/inqChatLaunch10006663.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (999)
Size
22 kB (22354 bytes)
Hash
1c9d96d3f228156fd7e9df9c531871d1
a118554b1208e30af4a0fef948c9566b8e7f4a94
648d971972fc0140127ab99989b3b55a28e8e3c2fcbf281390bbb7edf5000f26

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/inqChatLaunch10006663.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "5752-5fa147dc-1024cb;;;"
last-modified: Tue, 03 Nov 2020 12:06:52 GMT
content-type: application/octet-stream
content-length: 22354
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/Bootstrap.js.download

66.29.140.111

200 OK

226 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/Bootstrap.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (603)
Size
226 kB (225981 bytes)
Hash
8746e0eaa34beca77c5679a495ed1d3a
f8bc25c85508043935f3e63ff5cd1196c35762d6
83acf00ba4050132d8547daca62a4fca4670029aaa75b01c5e99179cbc6d4991

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/Bootstrap.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "372bd-5f9feb18-1024b4;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 225981
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/oo_engine.min.js.download

66.29.140.111

200 OK

46 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/oo_engine.min.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (45689), with no line terminators
Size
46 kB (45689 bytes)
Hash
3023bde795e4926691e3691ace0d9356
053c86b53ec7bca624cffc3f6321697d35a1c5d5
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/oo_engine.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "b279-5fa147dc-1024da;;;"
last-modified: Tue, 03 Nov 2020 12:06:52 GMT
content-type: application/octet-stream
content-length: 45689
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/outdated.min.js.download

66.29.140.111

200 OK

1.1 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/outdated.min.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1083)
Size
1.1 kB (1147 bytes)
Hash
bc854aab7af244173e4dc2ca2a8f471a
1f0444814fabf2d764af527d1718e376ca0c89c1
11a2b7d65804df37c5d5801da23212eddb8530ffb15a5b67d77a8ccdcb5b8199

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/outdated.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "47b-5f9feb1a-1024dd;;;"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-type: application/octet-stream
content-length: 1147
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/site-survey.min.js.download

66.29.140.111

200 OK

7.5 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/site-survey.min.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7496)
Size
7.5 kB (7541 bytes)
Hash
374ca92abaa98bc7b2f19fe64114a18b
4c0a1441026a9337d322d7ae5536df1427e5c140
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/site-survey.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "1d75-5fa147dc-1024e8;;;"
last-modified: Tue, 03 Nov 2020 12:06:52 GMT
content-type: application/octet-stream
content-length: 7541
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/toolkit.min.js.download

66.29.140.111

200 OK

462 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/toolkit.min.js.download
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
462 kB (461456 bytes)
Hash
325f5dd8b44503ea1799409a40addb9e
3887ffbc86f01677d34cce7ac8839305e175e97a
dbe44f4b698a44798e63a0177f6283a2dff01335f142be72dccfedd66e91554e

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/toolkit.min.js.download HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "70a90-5f9feb18-1024ed;;;"
last-modified: Mon, 02 Nov 2020 11:18:48 GMT
content-type: application/octet-stream
content-length: 461456
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/06bebd2b36rn240c2a1532a26141a767

66.29.140.111

200 OK

72 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/06bebd2b36rn240c2a1532a26141a767
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
72 kB (72012 bytes)
Hash
335f2776eaf4ca7eca9953d2240c3316
5f5702f072d8e721dd3557ccd2a0944b3cc58fa5
ca9ee108c9cd3072864c1fcfe42f8fa40f829a33267388e0adbf41fa8b2da9a5

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
etag: "1194c-5f9feb1a-10249f;;;"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-length: 72012
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/img/lockup.svg

66.29.140.111

200 OK

1.4 kB

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/img/lockup.svg
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3937), with CRLF line terminators
Size
1.4 kB (1414 bytes)
Hash
41f9c2b49c7545cfd8f1cecea7fb2f0d
3111210d97f702b6d8aaa6e4b75511f1941760ca
a895ca27867d5e0dc7344b12b4055d0e29dcee72314cf1f2acc5dfecbfaea35c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc/assets/img/lockup.svg HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "f66-5fa00880-102497;gz"
last-modified: Mon, 02 Nov 2020 13:24:16 GMT
content-type: image/svg+xml
content-length: 1414
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/

66.29.140.111

404 Not Found

705 B

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
705 B (705 bytes)
Hash
bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/ HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/img/oo_icon_retina_black.gif

66.29.140.111

200 OK

552 B

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/img/oo_icon_retina_black.gif
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
GIF image data, version 89a, 18 x 18\012- data
Size
552 B (552 bytes)
Hash
0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington

HTTP Headers

GET /acc/assets/img/oo_icon_retina_black.gif HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "228-5fa025d8-102499;;;"
last-modified: Mon, 02 Nov 2020 15:29:28 GMT
content-type: image/gif
content-length: 552
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/img/EHL_Black_HouseOnly.svg

66.29.140.111

200 OK

362 B

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/img/EHL_Black_HouseOnly.svg
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
362 B (362 bytes)
Hash
154fab8e5b522f196f0ee37531af9c86
ebe3f81861334d969b43620e2637dd3357870aa0
9020cc818e67a2cbd69bbcef14df9e2bbe1af307f6311e7604ae15a26355f0e2

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc/assets/img/EHL_Black_HouseOnly.svg HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "2c3-5fa00880-102494;gz"
last-modified: Mon, 02 Nov 2020 13:24:16 GMT
content-type: image/svg+xml
content-length: 362
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/img/logo-honeycomb.svg

66.29.140.111

200 OK

435 B

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/img/logo-honeycomb.svg
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (841), with no line terminators
Size
435 B (435 bytes)
Hash
1e8ab5050c6d9f1b254f92c9f9cb1842
4213f9baa531ca13becb8fac61701243474f9fc1
4d881d3e3a79ee19b069ba39938689bfca1f42c7fa47ecbe20fd2a390056e497

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc/assets/img/logo-honeycomb.svg HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:20 GMT
etag: "34c-5f9feb1a-102498;gz"
last-modified: Mon, 02 Nov 2020 11:18:50 GMT
content-type: image/svg+xml
content-length: 435
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
connection: Keep-Alive

myhuntington.hopto.org/acc/assets/js/nuanceChat.html

66.29.140.111

404 Not Found

705 B

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/js/nuanceChat.html
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
705 B (705 bytes)
Hash
bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
fortinet	Phishing

HTTP Headers

GET /acc/assets/js/nuanceChat.html HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:20 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive

www.googletagmanager.com/gtag/js?id=DC-8085313

142.250.74.168

302 Found

251 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=DC-8085313
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
251 B (251 bytes)
Hash
5330b68f600d5329a352e3b83a624e37
f098e2924dbe204685ef7b3a69d97f40bd3514d9
82667f1e0731a3710a54140b16300eacfe3e33b2e6cf84327dcf1a653ab6a683

HTTP Headers

GET /gtag/js?id=DC-8085313 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=DC-8085313
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 251
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=DC-8085313

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=DC-8085313
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (44032 bytes)
Hash
f898a049491e57ed4b179b6c86c61e8a
11f2ec5e6aa8a69e9cfe2835bb5dcd0932228687
0207c95057ca822a3081d1d124b0582db05854179cf820e36df49a94397d1d3d

HTTP Headers

GET /gtag/js?id=DC-8085313 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://myhuntington.hopto.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Thu, 10 Nov 2022 05:55:21 GMT
cache-control: private, max-age=900
last-modified: Thu, 10 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44032
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2b6e814cf24d6076a53097eacb138a7f
7e3b9b5d44699f81209a7ea0182640f5596804a5
218be263224d3d1a01ba126d0a7311b972bd88744ec0919b5e471077abe68e03

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c

142.250.74.168

302 Found

287 B

URL HTTP/1.1
www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
287 B (287 bytes)
Hash
38911cae1d8fb0baaf10fbcc263920c9
5ebba50367e9da80eca247d0d7fd171a3d161fc5
1c535af9057c16bb8654d88ba03dfa76f47041316c6b78c332e56bd809a49f22

HTTP Headers

GET /gtag/destination?id=AW-849064376&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/destination?id=AW-849064376&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 287
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c

142.250.74.168

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
d2287b99358f20a1e966de644e530bbc
e786dd9ecd3fe89e0bd6946eb1ea3ca9e975abe9
53065f01a414b187d988bcca1a083a92779f008a21b28b3bb9fc55cc13b9dec1

HTTP Headers

GET /gtag/js?id=AW-849064376&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849064376&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

142.250.74.168

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
211253e14e3774c27f057fd79c6f3297
117ffcb6132283d4854b262e6d7bf74dc93333a9
1f8edff0043067941ef114cc6d71502f1bfb8dd829a3a61723d6fffc484cd577

HTTP Headers

GET /gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

142.250.74.168

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
df9ee05cc140f619a69b770c388c33df
c07e052104e98a1176dd6512fc01b6075b4865a5
2d628f50fb563fcb6c30ad985277f59e0bdf4f240ecedfb3b1e5aa70aeae17d4

HTTP Headers

GET /gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

142.250.74.168

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
9a5925fe9faff42cc8390efdc5e2eff8
39ca642317be780d118d5ff62197921098af3e08
7e8b8a5e18a9d993d5b47ac50b123a45aba9d25df045d0b833dc7e552eb7079f

HTTP Headers

GET /gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F

34.242.179.188

200 OK

243 B

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP
34.242.179.188:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (318)
Size
243 B (243 bytes)
Hash
41d98e9a26ab2d3d3826d66adb1789c5
cb423795ef1a4f764f3f2c9a6b281714a696afd5
3242c221dd72207b77e0e8c632263fe0a3568e2b7d660d982632889b47400803

HTTP Headers

GET /huntington/com/serverComponent.php?r=4.955360094436121&namespace=Bootstrapper&staticJsPath=ensighten.huntingtonbank.com/huntington/com/code/&publishedOn=Thu%20Oct%2022%2001:05:05%20GMT%202020&ClientID=1035&PageID=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 10 Nov 2022 05:55:20 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 e38902d67e98c06c59b2b9295ce6ef04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB2-C1
X-Amz-Cf-Id: 16NTtTbnppV-xJMGE5ZCHLGvjaLnadME0MbLh9o9mfv0MpcrpLG0Rg==
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

8085313.fls.doubleclick.net/activityi;src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F?

142.250.74.70

200 OK

260 B

URL HTTP/2
8085313.fls.doubleclick.net/activityi;src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (507), with no line terminators
Size
260 B (260 bytes)
Hash
d730c9b4bc6e2e0fdfe87b46aaeb50bb
8daa31e194b77d4e557f0c1d43f2c3a77b95c492
3a94442f9685e6af00337c136a34ed75846e3d7f9cd10c920c81ecc4ee8c2b0b

HTTP Headers

GET /activityi;src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F? HTTP/1.1
Host: 8085313.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 260
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774

34.242.179.188

200 OK

37 kB

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
IP
34.242.179.188:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (557)
Size
37 kB (37249 bytes)
Hash
d363e2d544838fc73e8e41bb25b48fdb
e432edce4eb2fa259a240c324aceb59384756fbf
f0657825ba17fbbfd5e6aa5d862a758d0fd3d4597ba59844b626ee5130af732d

HTTP Headers

GET /huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 25 Oct 2022 01:03:34 GMT
ETag: W/"5828bc2a2ceaa2961527eedaf4167b77"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 cc21ae933690a5b4513677425cfed23e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB2-C1
X-Amz-Cf-Id: D-IjaAAQOLicMO1qQpB9SDVlj0ngDUJqmNHwPpHZUzsj9B_p4aRJGQ==
Age: 946868

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
62d835d5c67b5c11824d794b8f69cd59
4d51e3cb378f22b82e1bb79bf7a0430679ab39c2
bafb9e7627b08ccd0bf68fe0e5f0865ed2682005673c5fa8672b5c4a576d746e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767

66.29.140.111

404 Not Found

957 B

URL HTTP/2
myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
957 B (957 bytes)
Hash
ce6f39b26062b0987e665f95929f4b97
87eef7ecaf63a29b90d0a56c612f0316281a2f50
5a795b4f1599450d7553576a11908d706f4b994c824bf4e81c60a292e22be33f

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

POST /resources/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1382
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:21 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
537aa7c2d1d8b67db93e232c7a9ab923
a4a1d61c77923b71f5ba25de5602309b6af51eb7
f687556a931dc10c3b2304c619b6e5a901e48a5bb241f6d3a3ba6eaa29f92bf2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5587
Cache-Control: max-age=161831
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Etag: "636c519d-1d7"
Expires: Sat, 12 Nov 2022 02:52:32 GMT
Last-Modified: Thu, 10 Nov 2022 01:19:25 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767

66.29.140.111

404 Not Found

5.3 kB

URL HTTP/2
myhuntington.hopto.org/resources/06bebd2b36rn240c2a1532a26141a767
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14798), with CRLF, LF line terminators
Size
5.3 kB (5272 bytes)
Hash
fcb71d9386de32aa8d307a1bb0be5a4a
6fc9dc3ce76b3fe07f7297904d3cd2d667fc32d1
a0d038f82586e6e423a9e2c2506f4592b757d3267e5f4cf42ee06d18d8637f0c

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

POST /resources/06bebd2b36rn240c2a1532a26141a767 HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1168
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:21 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

104.84.152.56

200 OK

1.2 kB

URL HTTP/2
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP
104.84.152.56:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4339)
Size
1.2 kB (1249 bytes)
Hash
19ac7c952619cab53123eee38648d8bd
47e839324893deeef4e9f6b46dff135e1542dc9a
1a8ffa5f523a7a462b51616592473a2799bb0d687c1391d7d2ba3e5a58f95d78

HTTP Headers

GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "055e39b9c9bd81:0"
last-modified: Tue, 19 Jul 2022 18:23:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 1249
cache-control: public, max-age=311309
expires: Sun, 13 Nov 2022 20:23:50 GMT
date: Thu, 10 Nov 2022 05:55:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F

142.250.74.34

200 OK

262 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (506), with no line terminators
Size
262 B (262 bytes)
Hash
ff899bb5414ac8ab10c73140f1390d4b
9aef25c619fa3fdd593a1aafe62321c0535c8316
b6ccbb1871053c952db863827d5dc6777b61668c64f3c9936dc9389b6adf617e

HTTP Headers

GET /ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8085313.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F

142.250.74.34

200 OK

270 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (499), with no line terminators
Size
270 B (270 bytes)
Hash
e5c443b0f11a0c2f55e552eeb3a2e6b8
b54422071fa912220fa21112e4184066d47c70a1
e5fd3652d30cbe20fa6370164335ea597d59ed3927e82741a917eee7ea01f8a1

HTTP Headers

GET /ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://8085313.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 270
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1

13.36.218.177

302 Found

0 B

URL HTTP/1.1
metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Huntington

HTTP Headers

GET /b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: metrics.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
access-control-allow-origin: *
vary: Origin
date: Thu, 10 Nov 2022 05:55:21 GMT
content-type: text/plain;charset=utf-8
expires: Wed, 09 Nov 2022 05:55:21 GMT
last-modified: Fri, 11 Nov 2022 05:55:21 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31B6492495653729-40000AE3F314CB2D[CE]; Path=/; Domain=huntington.com; Max-Age=63072000; Expires=Sat, 09 Nov 2024 05:55:55 GMT;
location: http://metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
content-length: 0
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException

34.242.179.188

204 No Content

0 B

URL HTTP/1.1
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP
34.242.179.188:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2Fassets%2Fjs%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 204 No Content
Server: nginx
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 c416f79611bca57dde019f04fe3cc36e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB2-C1
X-Amz-Cf-Id: aChayRCNFCuXD6A684JzX-Qu6G2TK8noZ7zrr-PQmhgwSP-dqe9W9w==
Age: 8328

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9cec7fd19118aaeb5702dd97a8dd2b0e
40769764dfe2e1d216aeb0f18b935ad9e2fd9b11
0d10421ffd21c60df554fc54330fb769ea6cf59b8a795c14500defff88f8b366

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

142.250.74.168

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
70c1096689fc71f2152ebe6c5c26cd78
06096e48d46a7e2cae7bc7a369ab729910f4473d
84dcca42231d9c3689703524bf60a2cca448645ee6559dbe43c9c0498efc391b

HTTP Headers

GET /gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Thu, 10 Nov 2022 05:55:21 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1

13.36.218.177

200 OK

43 B

URL HTTP/1.1
metrics.huntington.com/b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1
IP
13.36.218.177:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 2 x 2\012- data
Size
43 B (43 bytes)
Hash
ad480fd0732d0f6f1a8b06359e3a42bb
a544538683a2dfe574eeb2e358ac8fcc78289d50
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

HTTP Headers

GET /b/ss/huntingtonhuntingtondev/1/JS-2.22.0/s92406459727167?AQB=1&pccr=true&vidn=31B6492495653729-40000AE3F314CB2D&ndh=1&pf=1&t=10%2F10%2F2022%205%3A55%3A17%204%200&ce=UTF-8&ns=huntington&pageName=pub%3A%20mobile%20login&g=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&c.&excCodes=1&.c&ch=pub&server=huntington.com&c1=pub%3A%20mobile%20login&c2=pub%3A%20mobile%20login&c3=pub%3A%20mobile%20login&c4=pub%3A%20mobile%20login&v5=pub%3A%20mobile%20login&v6=pub&c7=myhuntington.hopto.org%2Facc%2F&v19=12%3A13%20PM%7CMonday&c28=12%3A13%20PM%7CMonday&c32=pub%3A%20mobile%20login&c34=2.22.0&c44=0%7C0&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&AQE=1 HTTP/1.1
Host: metrics.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://myhuntington.hopto.org/
Connection: keep-alive

HTTP/1.1 200 OK
access-control-allow-origin: *
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Wed, 09 Nov 2022 05:55:21 GMT
last-modified: Fri, 11 Nov 2022 05:55:21 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_vi=[CS]v1|31B6492494FAEA02-400012EC931C16C6[CE]; Path=/; Domain=huntington.com; Max-Age=63072000; Expires=Sat, 09 Nov 2024 05:55:55 GMT;
etag: 3582130975086903296-4619764046925403845
vary: *
content-type: image/gif;charset=utf-8
content-length: 43
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=8085313;type=global;cat=allpv;ord=4261924178608;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Thu, 10 Nov 2022 05:55:21 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=8085313;type=global;cat=uvisit;ord=1;num=7740095596997;gtm=2odb70;auiddc=2104503373.1668059718;u1=pub%3A%20mobile%20login;u2=undefined%7C;~oref=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
expires: Thu, 10 Nov 2022 05:55:21 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

myhuntington.hopto.org/akam/11/pixel_7a8ba97f

66.29.140.111

404 Not Found

705 B

URL HTTP/1.1
myhuntington.hopto.org/akam/11/pixel_7a8ba97f
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
705 B (705 bytes)
Hash
bfbf1451d2d0ca64731dda41aadbfee9
8ced5f4e49d615a0855492ea12a174f8f63ac9aa
d7a6693a3add3dc913f5472fabcc097a55a4269210d8af2c37e1ad53a1565a55

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected

HTTP Headers

POST /akam/11/pixel_7a8ba97f HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
x-dtpc: $59717020_368h9vNAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0
Content-Length: 2772
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq; _gcl_au=1.1.2104503373.1668059718

HTTP/1.1 404 Not Found
content-type: text/html
cache-control: private, no-cache, max-age=0
pragma: no-cache
date: Thu, 10 Nov 2022 05:55:21 GMT
server: LiteSpeed
content-encoding: gzip
vary: Accept-Encoding
transfer-encoding: chunked
connection: Keep-Alive

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2817ce33ca8b3667491f155a141abfa7
c39855bf058d975083bd145b944a438b47307a36
33bb12b05df7cb1e19ba5647d57b5cc5f0a79095a2ca40a04e5fe076b7e33422

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bat.bing.com/bat.js

13.107.21.200

200 OK

11 kB

URL HTTP/1.1
bat.bing.com/bat.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size
11 kB (11367 bytes)
Hash
293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab

HTTP Headers

GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 200 OK
Cache-Control: private,max-age=1800
Content-Length: 11367
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Thu, 28 Jul 2022 17:32:37 GMT
Accept-Ranges: bytes
ETag: "80a8697a8a2d81:0"
Vary: Accept-Encoding
Set-Cookie: MUID=20506ABF8C4461493D1D78E78D136009; domain=.bing.com; expires=Tue, 05-Dec-2023 05:55:21 GMT; path=/; SameSite=None; Secure; Priority=High;
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Origin: *
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: 54D262EC657A42DF8DDCB6783E0CA459 Ref B: OSL30EDGE0409 Ref C: 2022-11-10T05:55:21Z
Date: Thu, 10 Nov 2022 05:55:21 GMT

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c282fb89bdded9707f257751f23fc185
bfe872622a162e0afa35c9cd45742fba2fb15b13
3e66dbf4d736534ca78c1e386311a188e985a015e284a5659213b3b528e7cbc5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1178
Cache-Control: max-age=120653
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Etag: "636bc1fc-1d7"
Expires: Fri, 11 Nov 2022 15:26:14 GMT
Last-Modified: Wed, 09 Nov 2022 15:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27337 bytes)
Hash
0ac10debd3a9ea8147a26d045bb93e6e
ff45f3442508e8695f2303701682ebdb6e016464
5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: rtm7RSeBTqcv3/pFCA2q/iq9r1uXFGpY7GcE8lyGTCmLFoytPLSx/7Wa6yprHoL0OT32kTvff4PDdM7I+vdXcw==
priority: u=3,i
content-length: 27337
x-fb-trip-id: 1904183273
date: Thu, 10 Nov 2022 05:55:21 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

901 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1923), with no line terminators
Size
901 B (901 bytes)
Hash
13e5ad0febebb6049f55d9d5998db934
fecd4693bc8684caee52d35496d931c022fb3ff6
2ce5392060ddb7e699c30e8d9760cc818412d5e11b60b3f43c72bf8d858bfcd7

HTTP Headers

GET /pagead/viewthroughconversion/849063932/?random=1668059717840&cv=11&fst=1668059717840&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

899 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1923), with no line terminators
Size
899 B (899 bytes)
Hash
74c0cb46d1cc0b23dc66192b87a878f5
7e076fba191e417d3714b202a57cfc522c3dbca1
4f9e73cd866adb1de7448fd5cb2b22089bebdfae347946a751fd7f13ecf88eb9

HTTP Headers

GET /pagead/viewthroughconversion/391028924/?random=1668059718194&cv=11&fst=1668059718194&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 899
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

900 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1923), with no line terminators
Size
900 B (900 bytes)
Hash
fd4ee9d5a3f1a2020faff54a464df23e
bbfc7e21da0efc7b2f962aaabc17b9eec283f93e
626f92232090607bafb3d2981065e40946a8c3d2f858e449db86781855f5ae45

HTTP Headers

GET /pagead/viewthroughconversion/786635084/?random=1668059718050&cv=11&fst=1668059718050&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 900
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

900 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921), with no line terminators
Size
900 B (900 bytes)
Hash
8dab9e7c9e94197284ee4205ba42e3a6
351a19e934cc0dda80bf612886712962f91b9758
49646b9cca1759049be1d3aeda3057acaea449c75ede9c09b8ee188b3dc10d8b

HTTP Headers

GET /pagead/viewthroughconversion/849073348/?random=1668059718046&cv=11&fst=1668059718046&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 900
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:21 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s.yimg.com/wi/ytc.js

188.125.94.206

200 OK

5.9 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
ASCII text, with very long lines (16553), with no line terminators
Size
5.9 kB (5929 bytes)
Hash
2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xrb3eRe8MxuxGLLv039i9W4uu93jp3Kd7wp2Sf89R6izQ7cTPEHjjakdaV1XLlBCwTF1Gx0gJhc=
x-amz-request-id: TWF50GVATAHWSXNH
date: Thu, 10 Nov 2022 05:20:34 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
etag: "6a624022b5d271dcefb070b0b6670abc-df"
age: 2089
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

bat.bing.com/action/0?ti=5067672&Ver=2&mid=30b336ec-8280-4bc7-bc03-401c3af46c72&sid=41331f4060bc11ed8dfb0bb63393a42a&vid=4133456060bc11ed8e47c9af81a79ef0&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1280&sh=1024&sc=24&evt=custom&rn=346184

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/action/0?ti=5067672&Ver=2&mid=30b336ec-8280-4bc7-bc03-401c3af46c72&sid=41331f4060bc11ed8dfb0bb63393a42a&vid=4133456060bc11ed8e47c9af81a79ef0&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1280&sh=1024&sc=24&evt=custom&rn=346184
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /action/0?ti=5067672&Ver=2&mid=30b336ec-8280-4bc7-bc03-401c3af46c72&sid=41331f4060bc11ed8dfb0bb63393a42a&vid=4133456060bc11ed8e47c9af81a79ef0&vids=0&msclkid=N&ec=Visit&ea=Public&el=pub:%20mobile%20login&el2=pub%3A%20mobile%20login&sw=1280&sh=1024&sc=24&evt=custom&rn=346184 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3E4455E8D17B6F230D3A47B0D08E6E8C; domain=.bing.com; expires=Tue, 05-Dec-2023 05:55:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 844C04FB70C3483895C4263D154F0A9C Ref B: OSL30EDGE0117 Ref C: 2022-11-10T05:55:21Z
date: Thu, 10 Nov 2022 05:55:21 GMT
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

902 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1923), with no line terminators
Size
902 B (902 bytes)
Hash
49590b4ec78343cdfcb095274ff4b2a8
140af1f8ceff58fc5225181dc4ef18a57baf84df
c770a622662d3b63c3519da43efb928f4736781ccd37309a410a269e2e868751

HTTP Headers

GET /pagead/viewthroughconversion/849073348/?random=1668059717855&cv=11&fst=1668059717855&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 902
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c282fb89bdded9707f257751f23fc185
bfe872622a162e0afa35c9cd45742fba2fb15b13
3e66dbf4d736534ca78c1e386311a188e985a015e284a5659213b3b528e7cbc5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1179
Cache-Control: max-age=120653
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Etag: "636bc1fc-1d7"
Expires: Fri, 11 Nov 2022 15:26:15 GMT
Last-Modified: Wed, 09 Nov 2022 15:06:36 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

901 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1923), with no line terminators
Size
901 B (901 bytes)
Hash
aa768b40353f6685f384f8e510e17e4d
2b84778b573bdd1963867ff5c0b19548cce1ae60
66e3bc42b2c8817930efd8a72b93d7217d14f241658a0fc568221f4779766f37

HTTP Headers

GET /pagead/viewthroughconversion/786635084/?random=1668059717876&cv=11&fst=1668059717876&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

899 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1923), with no line terminators
Size
899 B (899 bytes)
Hash
d66befe9da021f59d26a552275f49233
3698aa90ab9acdb3180fe74412611852d40bec3b
44346f3a24840eb61e4fa6ab9466d7eaa8afd971b406e9ae7dea294db7a69b05

HTTP Headers

GET /pagead/viewthroughconversion/849063932/?random=1668059718055&cv=11&fst=1668059718055&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&auid=2104503373.1668059718&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 899
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 10-Nov-2022 06:10:22 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

myhuntington.hopto.org/acc/assets/img/favicon-16x16.png

66.29.140.111

200 OK

629 B

URL HTTP/1.1
myhuntington.hopto.org/acc/assets/img/favicon-16x16.png
IP
66.29.140.111:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
629 B (629 bytes)
Hash
b3edcae46fea41cde6b830ecfe7f89e4
f031fd0f0050d9601254e35eecb6d573585418f9
5c838bb93e9d85d3badb18e708a16a8287505922eada63ed4fb7495eaefb0a17

Detections

Analyzer	Verdict	Alert
urlquery		DynDNS domain detected
urlquery		Phishing - Huntington

HTTP Headers

GET /acc/assets/img/favicon-16x16.png HTTP/1.1
Host: myhuntington.hopto.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/acc/
Cookie: PHPSESSID=9k4isr3lqubu7v7031m9vnj4pq; _gcl_au=1.1.2104503373.1668059718

HTTP/1.1 200 OK
cache-control: public, max-age=604800
expires: Thu, 17 Nov 2022 05:55:22 GMT
etag: "275-5f9fee52-102495;;;"
last-modified: Mon, 02 Nov 2020 11:32:34 GMT
content-type: image/png
content-length: 629
accept-ranges: bytes
date: Thu, 10 Nov 2022 05:55:22 GMT
server: LiteSpeed
connection: Keep-Alive

www.google.no/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bat.bing.com/p/action/5067672.js

13.107.21.200

204 No Content

0 B

URL HTTP/2
bat.bing.com/p/action/5067672.js
IP
13.107.21.200:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /p/action/5067672.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=2C2EE2DA99B46A313B9EF08298416B17; domain=.bing.com; expires=Tue, 05-Dec-2023 05:55:22 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9AC4C1B2637D4558BDE7B3F5B3C43458 Ref B: OSL30EDGE0117 Ref C: 2022-11-10T05:55:21Z
date: Thu, 10 Nov 2022 05:55:21 GMT
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
58ad273c5ead6b1184f0bae78c306a52
a044ddd19e4523d2ddb42bfd4343aa1a0d3c4bce
71b62e94dda1d7d3c0ba08ca34c487e819b424b2da7f7cb3ec2120fb5b049b20

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=1&ipr=y

142.250.74.35

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=1&ipr=y
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sp.analytics.yahoo.com/sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&et=custom&ec=Visit&ea=Public&el=pub%3A%20mobile%20login&tagmgr=gtm%2Censighten

212.82.100.181

200 OK

0 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&et=custom&ec=Visit&ea=Public&el=pub%3A%20mobile%20login&tagmgr=gtm%2Censighten
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sp.pl?a=10000&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&et=custom&ec=Visit&ea=Public&el=pub%3A%20mobile%20login&tagmgr=gtm%2Censighten HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 05:55:22 GMT
expires: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBEqSbGMCENuXEphfsgyy3CPBowUv0csFEgEBAQHjbWN2YwAAAAAA_eMAAA&S=AQAAAnZMEbxpN5NHAnaHkRYqfz8; Expires=Fri, 10 Nov 2023 11:55:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2010%20Nov%202022%2005%3A55%3A18%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&tagmgr=gtm%2Censighten

212.82.100.181

200 OK

0 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2010%20Nov%202022%2005%3A55%3A18%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&tagmgr=gtm%2Censighten
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sp.pl?a=10000&d=Thu%2C%2010%20Nov%202022%2005%3A55%3A18%20GMT&n=0&b=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&enc=UTF-8&tagmgr=gtm%2Censighten HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 10 Nov 2022 05:55:22 GMT
expires: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBEqSbGMCEC93fH-McB2x4Z5AnEUhCJYFEgEBAQHjbWN2YwAAAAAA_eMAAA&S=AQAAAmfkd8LTw9hzFtF-sbc2LXM; Expires=Fri, 10 Nov 2023 11:55:22 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1668059718055&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3067510800&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1668059718194&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1627257984&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1668059718050&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2835752814&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1668059718046&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=530057013&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1668059717855&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2093454898&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1668059717876&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1582355669&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9b27d0bfaf6ec30690eba902f50ce1ce
b274adea0a925d814dfd0ad80d1888dd06f4e269
f66f94bb109a214e8d83f5112c7468c729357833cf65e2d7db4f49564fac3485

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Nov 2022 05:55:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1668059717840&cv=11&fst=1668056400000&bg=ffffff&guid=ON&async=1&gtm=2oab70&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&tiba=Mobile%20Banking%20Login%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1788306866&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 05:55:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

4.5 kB

URL HTTP/1.1
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12826)
Size
4.5 kB (4530 bytes)
Hash
806d185619a4ef5951ab91810117e4ba
f40031c0ea5718f6d9a0a35e8ca60262daedc440
06489a801966cb9e7b467aed4edb63aa10bc2e588d259054ef696ade54e4b19f

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/

HTTP/1.1 200 OK
Last-Modified: Wed, 09 Nov 2022 19:27:04 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=utf-8
X-EdgeConnect-MidMile-RTT: 16
X-EdgeConnect-Origin-MEX-Latency: 349
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86355
Date: Thu, 10 Nov 2022 05:55:22 GMT
Content-Length: 4530
Connection: keep-alive
X-CDN: AKAM

cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token

54.230.111.112

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery		Phishing - Huntington

HTTP Headers

OPTIONS /partner/291554/domain/myhuntington.hopto.org/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://myhuntington.hopto.org/
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Thu, 10 Nov 2022 05:16:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xBqPBFZJ-Bnysi2vJzjW601wxizzgTGTE6xFyPZEzTh23boOPq9e6Q==
age: 2333
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=121543311796381&ev=PageView&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718623&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=c0&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=121543311796381&ev=PageView&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718623&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=c0&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=121543311796381&ev=PageView&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718623&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=c0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Nov 2022 05:55:22 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=121543311796381&ev=ViewContent&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718625&cd[content_name]=pub%3A%20mobile%20login&cd[user]=undefined%7C&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=121543311796381&ev=ViewContent&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718625&cd[content_name]=pub%3A%20mobile%20login&cd[user]=undefined%7C&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=121543311796381&ev=ViewContent&dl=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&rl=&if=false&ts=1668059718625&cd[content_name]=pub%3A%20mobile%20login&cd[user]=undefined%7C&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=1&o=29&fbp=fb.2.1668059718622.1925072363&it=1668059718308&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 10 Nov 2022 05:55:22 GMT
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQLKTjTXJYTFLAAAAYRgG3LiuwKoeB_WlDPm12R06V3Eku82Kr1ISaw496Bf8a9BOMKYH_lVWKADiw; Max-Age=2592000; Expires=Sat, 10 Dec 2022 05:55:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLh6M8ctvL_VgAAAYRgG3LizFIJGB3DkmnzT2EDPWr38BELrFCqbvZGReLhOPxvhcIXb5vTKdQ-acsOkFgpzw; Max-Age=2592000; Expires=Sat, 10 Dec 2022 05:55:22 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&6ed323c0-daed-4666-878e-f69e352a66aa"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 10-Nov-2023 05:55:22 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2414:u=1:x=1:i=1668059722:t=1668146122:v=2:sig=AQHDrPjV0sdUu4ro1Z5DsgGP1m1CuKP0"; Expires=Fri, 11 Nov 2022 05:55:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXtF2s4qXnpbZ8H+75U1A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2AD48A79BA834B798CBC4C80417B5FE4 Ref B: OSL30EDGE0517 Ref C: 2022-11-10T05:55:22Z
date: Thu, 10 Nov 2022 05:55:22 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1668059718560%26url%3Dhttp%253A%252F%252Fmyhuntington.hopto.org%252Facc%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://myhuntington.hopto.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1668059718560&url=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&46053897-5a7d-47bc-813b-b8daa7441e44"; Domain=.linkedin.com; Expires=Fri, 10-Nov-2023 05:55:22 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202211100555226c2df49a-97bb-41a4-82c6-966ec317982dAQF1HCqhv9Mz6hqD--WUJti23wem5VQV"; Domain=.www.linkedin.com; Expires=Fri, 10-Nov-2023 05:55:22 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjgwNTk3MjI7MjswMjE0I0JQxtsfNvbT5hjNJ8TP7qezCl5y+S4thrUgzK4aXw==; Domain=.linkedin.com; Expires=Tue, 09 May 2023 05:55:22 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2428:u=1:x=1:i=1668059722:t=1668146122:v=2:sig=AQEfxPIvrgheVX7AoGb_uydy60o13KiV"; Expires=Fri, 11 Nov 2022 05:55:22 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com *.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXtF2s63UaD3YCW63IBTg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BF29F16DF39C4D1CB87FC478747D8268 Ref B: OSL30EDGE0517 Ref C: 2022-11-10T05:55:22Z
date: Thu, 10 Nov 2022 05:55:22 GMT
content-length: 0
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token

54.230.111.112

200 OK

86 kB

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/myhuntington.hopto.org/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (64435)
Size
86 kB (86306 bytes)
Hash
c0d9d2303a9d715ab67ef49944b5457a
9751b4a0df974b0804d78919d9d57589386a8020
69ff7dc14557578f991f6b6c917f86c249212c4e18bd0d37b01e49c8f591066b

HTTP Headers

GET /partner/291554/domain/myhuntington.hopto.org/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Thu, 10 Nov 2022 05:16:31 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Aio_hV1168F13H0Fdkblv8Ew0vcANxHN9XmD-qfaH6DO_wAygx212Q==
age: 2331
X-Firefox-Spdy: h2

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013

3.216.85.62

301 Moved Permanently

134 B

URL HTTP/1.1
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013
IP
3.216.85.62:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Thu, 10 Nov 2022 05:55:24 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://trk.clinch.co:443/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F&version=3.4&a=1668059721013

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6ee2f0fcc5031e4cc7d3176d81bef5a0
38245c687e8f8ebfb28293d59d7809f796344f96
458a65afa5bfb4fd4c65b46031eb357b3bac4e683fa7a224075358b450b8c290

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "458A65AFA5BFB4FD4C65B46031EB357B3BAC4E683FA7A224075358B450B8C290"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9688
Expires: Thu, 10 Nov 2022 08:36:53 GMT
Date: Thu, 10 Nov 2022 05:55:25 GMT
Connection: keep-alive

mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F;visitID=NAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0;app=0bd76d7cc9264013;end=1

100.24.162.178

200 OK

28 B

URL HTTP/1.1
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F;visitID=NAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0;app=0bd76d7cc9264013;end=1
IP
100.24.162.178:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

HTTP Headers

POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Fmyhuntington.hopto.org%2Facc%2F;visitID=NAWHSUIMSJUUHWAWJMULRKARMVIWFTMU-0;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2330
Origin: http://myhuntington.hopto.org
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 10 Nov 2022 05:55:25 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28

connect.facebook.net/signals/config/121543311796381?v=2.9.89&r=stable

31.13.72.12

200 OK

0 B

URL HTTP/2
connect.facebook.net/signals/config/121543311796381?v=2.9.89&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /signals/config/121543311796381?v=2.9.89&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://myhuntington.hopto.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: xv8n4co9DJxg+dEqBMJw7vlQvvaXbVcgbF0s3Q4CobdNpksny1SDEFR4mJb1A39+wyIAuUFQdks2OcFiNuL5Yw==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Thu, 10 Nov 2022 05:55:22 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (50)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP