r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 048cda18c6dbe7c4e4b106f5e1104b0a
1bd6f3367ccf446263b00ad8c1ece15a4164730b
66a680d9b8e454db94e14d2c4a466891e538b2d83ccee0dc65be62163992b4e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A680D9B8E454DB94E14D2C4A466891E538B2D83CCEE0DC65BE62163992B4E0"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10011
Expires: Wed, 21 Dec 2022 08:59:19 GMT
Date: Wed, 21 Dec 2022 06:12:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19589
Expires: Wed, 21 Dec 2022 11:38:57 GMT
Date: Wed, 21 Dec 2022 06:12:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f4b32de26d9af2cba6afcdcf716d3fb8
644ead4436a8f2fc1f0dd25e4484b64f6ed63347
525123034cb53d750d5ebd487015911452d2cd3c34301e6628f2f52f3f0bfc88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "525123034CB53D750D5EBD487015911452D2CD3C34301E6628F2F52F3F0BFC88"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6898
Expires: Wed, 21 Dec 2022 08:07:26 GMT
Date: Wed, 21 Dec 2022 06:12:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 21 Dec 2022 05:45:54 GMT
content-type: application/json
age: 1594
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LNd51Uk36KAxDM2/6vy+2KG6VRDP8hgyAoyFUOZPRqdeTWBRCWckFUw9jvB9yBpaVfRqw76dX1w=
x-amz-request-id: 2AV7JNQHQBVN9T2K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Dec 2022 05:55:16 GMT
age: 1032
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 691e2563ea7be0facb3fcd68cff6e5db
0c6d4e11c92c03b54d76459b881f6ed71d915f52
14c955ed34ec986dc5289c7b7c617988f034e29b785d82ebfc2a3f1ee224d40f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14C955ED34EC986DC5289C7B7C617988F034E29B785D82EBFC2A3F1EE224D40F"
Last-Modified: Wed, 21 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Dec 2022 12:12:28 GMT
Date: Wed, 21 Dec 2022 06:12:28 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 06:12:28 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 21 Dec 2022 06:08:02 GMT
age: 266
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/lockup.svg
200 OK 3.9 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/lockup.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3937), with CRLF line terminators
Hash 760da63259e763df170dc8720b8d8a41
efd755d6b9efdb7ce688a77f4d68dee3498162eb
9ce0c7443f6975ac01655f26813947926a374c68f28289dd198fc6299203beed
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/lockup.svg HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:40 GMT
accept-ranges: bytes
content-length: 3942
content-type: image/svg+xml
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/oo_icon_retina_black.gif
200 OK 3.3 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/oo_icon_retina_black.gif
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 18 x 18\012- data
Hash a12e06853203ca600c1be91018b8b676
c8e2c4e88d37cb79ea9ddc3ed78186b409333912
62e5b1bb4bc6496956b943374fca10b7fee4af4dc15450b7772469f38b2e06b9
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/oo_icon_retina_black.gif HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:40 GMT
accept-ranges: bytes
content-length: 3334
content-type: image/gif
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d0c2b6760f2b58f445446dd2276d5af4
aeedf417b1ebde86ce837ca02ba934abb938b1a4
8fe72d0ce839150559da5ddf46bf87d26b6b9cbe34d09641b29a53be24997c81
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5961
Cache-Control: max-age=102823
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:29 GMT
Etag: "63a17b2b-1d7"
Expires: Thu, 22 Dec 2022 10:46:12 GMT
Last-Modified: Tue, 20 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5171
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:29 GMT
Last-Modified: Wed, 21 Dec 2022 04:46:18 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3705
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:29 GMT
Last-Modified: Wed, 21 Dec 2022 05:10:44 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5181
Cache-Control: max-age=160405
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:29 GMT
Etag: "63a25f25-1d7"
Expires: Fri, 23 Dec 2022 02:45:54 GMT
Last-Modified: Wed, 21 Dec 2022 01:19:33 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5052
Cache-Control: max-age=160276
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:29 GMT
Etag: "63a25f25-1d7"
Expires: Fri, 23 Dec 2022 02:43:45 GMT
Last-Modified: Wed, 21 Dec 2022 01:19:33 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
envipetro.co.za/verify/huntington/activefjj/forg/logo-honeycomb.svg
200 OK 844 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/logo-honeycomb.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (841), with no line terminators
Hash d7ce1f5e222e75801ed22741962ac64b
3cf38997840e2047e145a747cbb220cee28adaab
83e4d5829d43cb3723521baf4e6a8f7130f0bf91cb957ee14d9c7dde2d9ccb93
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/logo-honeycomb.svg HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
accept-ranges: bytes
content-length: 844
content-type: image/svg+xml
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/chat-fab.js.download
200 OK 7.7 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/chat-fab.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19644)
Hash bf5689b8923263fd6b033aac877b032e
3df75cc33f1d65035b5374aaad24d45df06bb681
ed45217eccd6d351121aaa63d36d315c6b9626caea11725fabe4b2b2a5acd0ad
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/chat-fab.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7650
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
200 OK 20 kB URL HTTP/2 www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Hash ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215
GET /Presentation/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 19712
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1293310310", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=2145751
expires: Sun, 15 Jan 2023 02:15:00 GMT
date: Wed, 21 Dec 2022 06:12:29 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
200 OK 19 kB URL HTTP/2 www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Hash 6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22
GET /Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 18636
content-type: application/font-woff2
etag: "0f59ebaf2e3d81:0:dtagent10243220606153550xoQJ"
last-modified: Wed, 19 Oct 2022 19:41:05 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-591602681"
x-ua-compatible: IE=edge
cache-control: public, max-age=435695
expires: Mon, 26 Dec 2022 07:14:04 GMT
date: Wed, 21 Dec 2022 06:12:29 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
200 OK 21 kB URL HTTP/2 www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Hash a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555
GET /Presentation/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 20592
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-397965887", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=845373
expires: Sat, 31 Dec 2022 01:02:02 GMT
date: Wed, 21 Dec 2022 06:12:29 GMT
X-Firefox-Spdy: h2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
200 OK 20 kB URL HTTP/2 www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Hash 3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d
GET /Presentation/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-length: 19976
content-type: application/font-woff2
etag: "0f59ebaf2e3d81:0:dtagent10243220606153550xoQJ"
last-modified: Wed, 19 Oct 2022 19:41:05 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1316178220", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=477103
expires: Mon, 26 Dec 2022 18:44:12 GMT
date: Wed, 21 Dec 2022 06:12:29 GMT
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/EHL_Black_HouseOnly.svg
200 OK 707 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/EHL_Black_HouseOnly.svg
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 422002ff598ec781dc753d0627bec1ee
d440d6acb305d644a4ba824a28c97f04511aac95
4808c0ca2576dc18bf8df509199edef7a4a2b809fde09ecc6688f998e855486e
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/EHL_Black_HouseOnly.svg HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
accept-ranges: bytes
content-length: 707
content-type: image/svg+xml
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/loading.gif
200 OK 126 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/loading.gif
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 340 x 340\012- data
Size 126 kB (126069 bytes)
Hash 465f55188a4c0f479cfbad002c8b58c3
6bbce57136615ea6e5f956e6dd9145343b18e3e6
f5a419c0a6d36e8f7776dddf084522cbb8522ab3c2bd901f0da92f3e35e75af8
GET /verify/huntington/activefjj/loading.gif HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 23:44:58 GMT
accept-ranges: bytes
content-length: 126069
content-type: image/gif
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/site-survey.js.download
200 OK 3.3 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/site-survey.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7496), with CRLF line terminators
Hash e7f68cf9f1b2c80ee3b115f4f267b25e
d8c2d8ac99ff59d4ed6acae7e9b810d1c92038b3
376b8a7535f91db0deacd7e8acd5e8964f216e3f7ed27fbc714346973eb83fe5
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/site-survey.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3288
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/sp.pl(1).download
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/sp.pl(1).download
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/sp.pl(1).download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-length: 0
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/0(1)
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/0(1)
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/0(1) HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-length: 0
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YTcr37JdnZ3BRtMR62ud5Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gj9H5Hc08fKi0N2W7f+cf5LlEqo=
envipetro.co.za/verify/huntington/activefjj/forg/0
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/0
IP
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/0 HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-length: 0
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download
500 Internal Server Error 6.3 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (481)
Hash eb151dd392a0644484b23d739bf1e6ed
3e4d4e7509a02e37f7f6442be91782e604a56414
1adede4a6b8bc662edc345dfadc65304f346ab71db94b67d83e02356afe1973e
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/sp.pl.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 6308
last-modified: Sat, 01 Oct 2022 13:15:55 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff2
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff2
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff2
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/:abstract.simplenet.com/point.gif
404 Not Found 4.7 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/:abstract.simplenet.com/point.gif
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/:abstract.simplenet.com/point.gif HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4677
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff2
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff2
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
200 OK 637 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (432)
Hash e3d3a570a6e7476ff2a5c1b92bf148fc
05388fb247c7e1dda7bcc0bf795d5f47d57e227a
ef43c8adc400f18d7a9c01ae2122f74a9d2ad203cd0bb37d7e6f7960cc9c2932
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/nuanceChat.html HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 637
last-modified: Thu, 31 Oct 2019 09:12:44 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/activityi.html
200 OK 475 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/activityi.html
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (313)
Hash 20284bb64eaf3570d981ac82c780dd64
f65747e9e2b5f125a16fd563bcab0ef87e63524a
feb28fb750c69a04c87a4697b96d9bbb8d0d657df140cf153173249f9776df2c
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/activityi.html HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 475
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/activityi(2).html
200 OK 371 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/activityi(2).html
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 17129e91277986629517a89ca301dbfc
b13a862d16e8f29c449b5b227efe2cb7f62fb68a
b2cf6a8a642dbe371ec7fd0f466ca20ce44fee242c33d274abff80c99b3fe24c
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/activityi(2).html HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 371
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/activityi(1).html
200 OK 468 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/activityi(1).html
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (306)
Hash ade204a9145cc594265253afe7cb905f
bc8e25b59afb25c3bc56fb5d98e111270c5b4389
26d0393246eed0d1ede4731580a1320f41d0b976e5de3d763f4be7794039f149
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/activityi(1).html HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 468
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/abstract.simplenet.com/point2.html
404 Not Found 4.7 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/abstract.simplenet.com/point2.html
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/abstract.simplenet.com/point2.html HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 4677
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/muli-v11-latin-300.woff HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/muli-v11-latin-700.woff HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff
404 Not Found 12 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
content-length: 11816
vary: Accept-Encoding
content-type: text/html
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download
200 OK 8.5 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (999)
Hash 2a8e8b3225dbfdcd6e4519082aa6fabd
46c9f0adc30a07c9725927ca75388dcfb714bb7e
b510bb32faa550cf92859dfdfeefac44f3a79bde95a78efe3d6764207b68e3d9
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8485
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download
500 Internal Server Error 6.3 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (481)
Hash eb151dd392a0644484b23d739bf1e6ed
3e4d4e7509a02e37f7f6442be91782e604a56414
1adede4a6b8bc662edc345dfadc65304f346ab71db94b67d83e02356afe1973e
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/sp.pl.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 6308
last-modified: Sat, 01 Oct 2022 13:15:55 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/site_10006663_default.js.download
200 OK 14 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/site_10006663_default.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21865)
Hash d76b27abe4da5f9e8cc1db8a3a95b067
fee40136b8b716be0047509389a4b771586a27e1
75ca6b1e250760d5278c049b88e3958831f38876eda8e1968b4c8d75c1e6ce40
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/site_10006663_default.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13524
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CLTq_MC0x-UCFa2pUQodVuwC7w
200 OK 42 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CLTq_MC0x-UCFa2pUQodVuwC7w
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/dc_pre=CLTq_MC0x-UCFa2pUQodVuwC7w HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/activityi.html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-length: 42
last-modified: Thu, 31 Oct 2019 09:12:34 GMT
accept-ranges: bytes
x-server-cache: false
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CJae2MC0x-UCFUXk5god2JgMuw
200 OK 42 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CJae2MC0x-UCFUXk5god2JgMuw
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/dc_pre=CJae2MC0x-UCFUXk5god2JgMuw HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/activityi(1).html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-length: 42
last-modified: Thu, 31 Oct 2019 09:12:34 GMT
accept-ranges: bytes
x-server-cache: false
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce
200 OK 63 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (62628), with no line terminators
Hash 81549b1f4f13ae790dd0fea0ec8c2686
ddbec0647d2496fd9476f2b86a60db8c99908b20
4993ce32b74b1f0d13a926f3f0a79dc7d1bf714ce38130b05068582f96e46899
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-length: 62628
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
accept-ranges: bytes
x-server-cache: false
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CKyG_cC0x-UCFVTk5godLMAPeQ
200 OK 42 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CKyG_cC0x-UCFVTk5godLMAPeQ
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/dc_pre=CKyG_cC0x-UCFVTk5godLMAPeQ HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/activityi(2).html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-length: 42
last-modified: Thu, 31 Oct 2019 09:12:34 GMT
accept-ranges: bytes
x-server-cache: false
X-Firefox-Spdy: h2
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fforg%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
204 No Content 0 B URL HTTP/2 ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fforg%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fforg%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 21 Dec 2022 06:12:29 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 2900c8bea7962de658e6de19988c7118.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: 4iP64uObssnOnwOEwTLGZ8ns0cCQKJhxs-Oz5AwcrdBLZIG2xRVtPQ==
age: 9330
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.clinch.co/a_js/client_pixels/clq/script.min.js
200 OK 4.6 kB URL HTTP/1.1 cdn.clinch.co/a_js/client_pixels/clq/script.min.js
IP
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (14797), with no line terminators
Hash 87474300d7f17748e3ed24b42d4bee2b
9d2c3a1f2b9cffdcb309ea2a2b13bed7b693042c
0388ad3b8fc80cfb336b71fabe7c01a2a8d8ff699fb448f4105a7d9ff5f680ef
GET /a_js/client_pixels/clq/script.min.js HTTP/1.1
Host: cdn.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: adMugfF433YL+FfK0yhYay96eSjZAVC2bECbR3FBNYsdGtoJyV+rBZXvGbuNsIAHS4UU//dITPM=
x-amz-request-id: R8YJQ3PZ0BKYEXCH
Last-Modified: Tue, 11 Jan 2022 12:52:46 GMT
ETag: "666e09028e21421106f9ecd0ceb1ddac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=15146521
Expires: Wed, 14 Jun 2023 13:34:30 GMT
Date: Wed, 21 Dec 2022 06:12:29 GMT
Content-Length: 4567
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Access-Control-Allow-Origin: *
ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
200 OK 35 kB URL HTTP/2 ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
IP
File type ASCII text, with very long lines (557)
Hash 22d952dd46b592fbadbe8f4ba33f1fe7
e8f310391f1b27a67136d9c8c3422b09db2b29b2
9ea16aa7b4752c0cba4cf59cf420767d275c2b30771c51c94fd10cd622cd495d
GET /huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 06:12:29 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 01:03:34 GMT
etag: W/"5828bc2a2ceaa2961527eedaf4167b77"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dfd84a17eaa88d79994b6524cab4931e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: hIZ1_h0qInc_JhjmuoXfAmp7ob17LqmCog3nNWMuSex9JzbK2E0_bQ==
age: 718888
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-10701487
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-10701487
IP
File type ASCII text, with very long lines (1921)
Hash 1fe87365fad6ace2a7b04936f4018e87
9b2c025f2448502c905d36f5549e0ced5e8faaaa
61dd84115bdc7fd8ca5d06e2c7dd53bdce29ed79f34286708eecc495dfb12711
GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Dec 2022 06:12:29 GMT
expires: Wed, 21 Dec 2022 06:12:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44189
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
envipetro.co.za/resources/9aa6326d0a213349d14536877709ce
200 OK 4.7 kB URL HTTP/2 envipetro.co.za/resources/9aa6326d0a213349d14536877709ce
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
POST /resources/9aa6326d0a213349d14536877709ce HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 866
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
content-type: text/html
content-length: 4677
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: false
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash bb120a816fcf4f6afe7a3aeab18e7bbd
1f15e81595a0b524a2401d5566beaa0b8d4f61e6
cca2f14595c5ba6446c4e522883036fa07e31599909870ad42bc678587b1a91d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3063
Cache-Control: max-age=109619
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Etag: "63a1a10a-1d7"
Expires: Thu, 22 Dec 2022 12:39:29 GMT
Last-Modified: Tue, 20 Dec 2022 11:48:26 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.7 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13063)
Hash bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=79109
date: Wed, 21 Dec 2022 06:12:30 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: SsyfS/j/8OcR8tt50BO4rzuSX/Pt6zZY/70nQKGsK+IvZJVBWIA7tiQrUy5pYUCpljB+OsmepC0IuS3Gn5OxFQ==
priority: u=3,i
content-length: 27298
x-fb-trip-id: 1904183273
date: Wed, 21 Dec 2022 06:12:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash bb120a816fcf4f6afe7a3aeab18e7bbd
1f15e81595a0b524a2401d5566beaa0b8d4f61e6
cca2f14595c5ba6446c4e522883036fa07e31599909870ad42bc678587b1a91d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4809
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Last-Modified: Wed, 21 Dec 2022 04:52:21 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
envipetro.co.za/resources/9aa6326d0a213349d14536877709ce
200 OK 4.7 kB URL HTTP/2 envipetro.co.za/resources/9aa6326d0a213349d14536877709ce
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
POST /resources/9aa6326d0a213349d14536877709ce HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 928
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:30 GMT
server: Apache
content-type: text/html
content-length: 4677
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: false
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js
404 Not Found 4.7 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/postToServer.min.js HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html
Cookie: loginCookie=personalLogin; _gcl_au=1.1.1924830407.1671603168
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4677
content-type: text/html
date: Wed, 21 Dec 2022 06:12:30 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js.download
200 OK 7.6 kB URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
File type Java source, ASCII text, with very long lines (859)
Hash a37e1a7452a0bb64dddff33c9b7a850c
5efb170ddb995643479c09bf3b06f1c7f253b7ee
c75a0b8cc8d182ecfd3efa8cd5b167e1bf33e2a3b68d151a99e6e3cc228e92ec
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
GET /verify/huntington/activefjj/forg/postToServer.min.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html
Cookie: loginCookie=personalLogin; _gcl_au=1.1.1924830407.1671603168
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7629
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:30 GMT
server: Apache
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671603168167&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671603168167&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=291554&time=1671603168167&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1671603168167%26url%3Dhttps%253A%252F%252Fenvipetro.co.za%252Fverify%252Fhuntington%252Factivefjj%252Fprocessing.html%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKS2P6PpxcSMgAAAYUzT92eW32tcYdEcVOskZum2lbBElG6Nry8X3cbN7DYNj9wZM3RYV2JRt4RsA; Max-Age=2592000; Expires=Fri, 20 Jan 2023 06:12:30 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIwyzYjbYo0_gAAAYUzT92edrHD3ihzcaGlRYDT0Nt9Yeen5BVbfiCZpcQlaLupzl45N_6Yu9He-Uv8vFBsvw; Max-Age=2592000; Expires=Fri, 20 Jan 2023 06:12:30 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&82e0d79a-7c7c-411c-88d9-a1b569cb6ac6"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Dec-2023 06:12:30 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2438:u=1:x=1:i=1671603150:t=1671689550:v=2:sig=AQEdytXKq_-LtbuvKDx30qJk78ksB-pF"; Expires=Thu, 22 Dec 2022 06:12:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXwUG/5lELPXliKHLldkQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 24011B9700FF47CF9153D4B6FE779AD0 Ref B: OSL30EDGE0516 Ref C: 2022-12-21T06:12:30Z
date: Wed, 21 Dec 2022 06:12:30 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/291554/domain/envipetro.co.za/token
200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/291554/domain/envipetro.co.za/token
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Huntington
OPTIONS /partner/291554/domain/envipetro.co.za/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://envipetro.co.za/
Origin: https://envipetro.co.za
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Tue, 20 Dec 2022 08:31:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ha4XQhAy7by8xVU31DV8r1pjkaz1X9gosN0vIRcyoYAJQ3tT_hpLBg==
age: 78049
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.yimg.com/wi/ytc.js
200 OK 6.9 kB IP
ASN #203220 Yahoo! UK Services Limited
Hash 25e091bda6c98ee609f5998316bd4446
a9cc54949c8d6c397b81877db2bc384978c507de
c135e2ec700019670a4c1bbbe24306c10020e7bcdc6645739cd6e58c6e1d8898
GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xgwCfp16Y40p2JecrJZXxQDlUu4RfXxzXawntN9tZ3Kw/zgcahUM0tOOnB1+aeajRt7AJHcjTW4=
x-amz-request-id: GB4BBA8CTS2A4TR2
date: Wed, 21 Dec 2022 06:12:21 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 10
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1671603168303&cv=11&fst=1671603168303&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 949 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1671603168303&cv=11&fst=1671603168303&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2109), with no line terminators
Hash a54ad8c2c07874c14fbf220770d18262
6783e41545040484eebe2cc84c10332764627e15
28142bc3a0edf16cfa129c3a3b391fbe947c0d3cf114a7b4810b502956dc7983
GET /pagead/viewthroughconversion/849063932/?random=1671603168303&cv=11&fst=1671603168303&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 949
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Dec-2022 06:27:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1671603168286&cv=11&fst=1671603168286&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 952 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1671603168286&cv=11&fst=1671603168286&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2109), with no line terminators
Hash dc3588cd94466a371f5fe6e5585e1b4d
364444ff32a0edd49cf30108372bf578ca595c0b
fa1847cf3f7ee2a4a37317f49f7f9e8fbe53e350aaf5b22367d116de52a1c7ec
GET /pagead/viewthroughconversion/391028924/?random=1671603168286&cv=11&fst=1671603168286&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 952
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Dec-2022 06:27:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1671603168244&cv=11&fst=1671603168244&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 951 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1671603168244&cv=11&fst=1671603168244&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2109), with no line terminators
Hash 241d374c0549baf99f00a7c7c7239b4d
608b4b253548cd713d8ad89261580a459d56cf4e
1db3f87e87ff1ee5375984a8636d0150eb6e16c9ffb27a0b9674165f6f808418
GET /pagead/viewthroughconversion/849073348/?random=1671603168244&cv=11&fst=1671603168244&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1924830407.1671603168&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 951
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Dec-2022 06:27:30 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&rl=&if=false&ts=1671603168446&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1671603168445.571146676&it=1671603168208&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=bedcde1c-bc01-4a12-b0fb-21db9a1751f9&exp=c1&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&rl=&if=false&ts=1671603168446&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1671603168445.571146676&it=1671603168208&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=bedcde1c-bc01-4a12-b0fb-21db9a1751f9&exp=c1&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&rl=&if=false&ts=1671603168446&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1671603168445.571146676&it=1671603168208&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=bedcde1c-bc01-4a12-b0fb-21db9a1751f9&exp=c1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 21 Dec 2022 06:12:30 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11997
Expires: Wed, 21 Dec 2022 09:32:27 GMT
Date: Wed, 21 Dec 2022 06:12:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11997
Expires: Wed, 21 Dec 2022 09:32:27 GMT
Date: Wed, 21 Dec 2022 06:12:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11997
Expires: Wed, 21 Dec 2022 09:32:27 GMT
Date: Wed, 21 Dec 2022 06:12:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11997
Expires: Wed, 21 Dec 2022 09:32:27 GMT
Date: Wed, 21 Dec 2022 06:12:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe10e1948eda329f8af1bb3549282c3d
68bc80d4e1cf43094452a666950d44788c6e561b
af172978ad005988e99eba1625443b87a287ae5bf371c1637c2fbc926adefa83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15929
x-amzn-requestid: 5464c25f-83e6-446d-8809-47f2b016432c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKcIqG95oAMFvqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a73d0-2d68c5222d56e6ce6fc14b56;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 01:09:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RBW6zF1yDdhEe4venG9tUgHAQx7KObjYI5wFN3mNCVyo4Lw02wEPuw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 23:54:53 GMT
age: 22657
etag: "68bc80d4e1cf43094452a666950d44788c6e561b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da9b0930ee2249c6e7e1f83890414427
f064f1c66751a7fd57cc2e5bd4de7f0056280201
51f358162f132a7df1894f1f55e14a49facda33efa4339310cc4be2c30fb3bec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7928
x-amzn-requestid: 7ac71ec7-3ebb-4564-909f-5cd431e52cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dBW08HOJoAMFr5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6396d1b9-3ccebae6692c2e0878bb0368;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 07:01:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EUZ2sQCyn9plyTLHdd3W3rL561sn2K02u__wR8B3e_uXnn4bu61ZVg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 04:50:59 GMT
age: 4891
etag: "f064f1c66751a7fd57cc2e5bd4de7f0056280201"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.yimg.com/wi/config/10030245.json
200 OK 22 B URL HTTP/2 s.yimg.com/wi/config/10030245.json
IP
ASN #203220 Yahoo! UK Services Limited
File type JSON data\012- , ASCII text, with no line terminators
Hash 14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc
GET /wi/config/10030245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: V4SNV19XXX6C2B1H
x-amz-id-2: q95y42AGjOG7DJxZKCKl/T+VB8gs+iflw/LrR89gBzjthUihHgE9DVJi0aRdLMQvdqMdfeTvvh0=
content-type: application/json
date: Wed, 21 Dec 2022 06:12:29 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 1
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1671603168167%26url%3Dhttps%253A%252F%252Fenvipetro.co.za%252Fverify%252Fhuntington%252Factivefjj%252Fprocessing.html%26liSync%3Dtrue
302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1671603168167%26url%3Dhttps%253A%252F%252Fenvipetro.co.za%252Fverify%252Fhuntington%252Factivefjj%252Fprocessing.html%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1671603168167%26url%3Dhttps%253A%252F%252Fenvipetro.co.za%252Fverify%252Fhuntington%252Factivefjj%252Fprocessing.html%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://envipetro.co.za/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671603168167&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&3467bb4f-7fa8-4653-84b6-e068fe29edb7"; Domain=.linkedin.com; Expires=Thu, 21-Dec-2023 06:12:30 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202212210612303c03a275-b21b-4854-82f5-3023749551c7AQFAW5vbm5SPYImDFjpN4z_UcpMJ8bR7"; Domain=.www.linkedin.com; Expires=Thu, 21-Dec-2023 06:12:30 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzE2MDMxNTA7MjswMjEQoiJ/0lC6ED5A09v4qKxRJj34dUClm5VTOHNIyBbHXA==; Domain=.linkedin.com; Expires=Mon, 19 Jun 2023 06:12:30 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2438:u=1:x=1:i=1671603150:t=1671689550:v=2:sig=AQEdytXKq_-LtbuvKDx30qJk78ksB-pF"; Expires=Thu, 22 Dec 2022 06:12:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXwUG/8XLQKD6FVvRmjFw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9960503BA8214E4499CD4E5D7B506415 Ref B: OSL30EDGE0516 Ref C: 2022-12-21T06:12:30Z
date: Wed, 21 Dec 2022 06:12:30 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da0372fd2038366c47d4eaff7e31c329
48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0
f0e09b0931450057e6b5f7fdd6d73de0702b170497d7075464edc168ea74a4a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11295
x-amzn-requestid: 6823faac-46cb-4212-a728-aed7b997f246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dX5RdE1dIAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639fd5a2-59711c5a6982c90f570c2d7d;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 03:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XGQzOuP7MH_7Aw50JqT_CkFnnooFfvm55rNQWsCKE7X9ZHN5eeiCMQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 04:45:01 GMT
age: 5249
etag: "48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/291554/domain/envipetro.co.za/token
200 OK 9.1 kB URL HTTP/2 cdn.linkedin.oribi.io/partner/291554/domain/envipetro.co.za/token
IP
Hash d3ff652f0da3a2071386f2d29c2a9087
3ca7b8d06bb667c1b0c8e8d79db769d6db4de1ac
bd7bfdfe43cca6707a2c355afda538a5e34760976b315ed3e1c6207c8860c6af
GET /partner/291554/domain/envipetro.co.za/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://envipetro.co.za
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Wed, 21 Dec 2022 05:57:20 GMT
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dP-6BXmNtM2_AZKUG2x_q1AlJalMAKLOvw6PEK28RC2Bivi5fdcXkw==
age: 910
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4aa7e9e3fe28e9c401786f7415171f7
8482a47175ff105957d640269bc14ee1fbc97448
2215ff2537f927e2baf4f713fc947afefc83b416719113ce516aa00f2a4e0708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 4fb9a698-c429-49e1-a2c5-b9388f03b044
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: daGQIEuSoAMFnBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0b733-53b8088f0d8863f813b9967e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 19:10:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MiX_AJgXGldkYjkeHO1OUPzraljox6v7B1M54cJPBdmfUZ7QETowOw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:55:36 GMT
age: 29814
etag: "8482a47175ff105957d640269bc14ee1fbc97448"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31ce91c9-2f56-4bfd-bfc9-6081785436ca.jpeg
200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31ce91c9-2f56-4bfd-bfc9-6081785436ca.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4514b9d40760436bf655b4931fd7f16a
9847b2e222a3bd7a07d62dcdeba78d9224c041e3
c82ad7443b03e55bfe38dcb9b3960ca662ca2cc9b6ae85ddcb445acc13797d31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31ce91c9-2f56-4bfd-bfc9-6081785436ca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 85fe919f-fb74-4409-8e0d-414e5f55e551
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6xeaHmCIAMF3qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63942f8f-68283fcb7e35aae96bd5b1a4;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 07:04:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: osD-zP73jTRraTC_WIVCNFbvjvDREyO9OtlZco-BkfZtCEIcwKrzbg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 04:31:16 GMT
age: 6074
etag: "9847b2e222a3bd7a07d62dcdeba78d9224c041e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/786635084/?random=1671603168265&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=167067656&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/786635084/?random=1671603168265&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=167067656&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/786635084/?random=1671603168265&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=167067656&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/786635084/?random=1671603168265&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=167067656&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/786635084/?random=1671603168265&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=167067656&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/786635084/?random=1671603168265&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=167067656&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/849063932/?random=1671603168303&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1569986583&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/849063932/?random=1671603168303&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1569986583&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849063932/?random=1671603168303&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1569986583&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 38fa92bdf98fc456409896c6c302f69f
8c945178c08b7917a499ff7a64cc2d4560142073
a85f335d892bb8e74a6556cc459d3419d11b9c2b6b7631baa2e0c938457e7b5a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1856
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Etag: "63a129bb-1d7"
Last-Modified: Wed, 21 Dec 2022 05:41:34 GMT
Server: ECS (amb/6B9F)
X-Cache: HIT
Content-Length: 471
www.google.no/pagead/1p-user-list/849063932/?random=1671603168303&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1569986583&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/849063932/?random=1671603168303&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1569986583&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/849063932/?random=1671603168303&cv=11&fst=1671602400000&bg=ffffff&guid=ON&async=1>m=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1569986583&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 97216d9347c0d3c1bab297df919688d5
61eca83749fd58d5ce753bf65419435d522c2ce5
7277b81f23f6516aa706c00202e0705421837431095d5b1f7fb0f283ab5736ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 06:12:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671603168167&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671603168167&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=291554&time=1671603168167&url=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://envipetro.co.za/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&360d4777-2cd6-4d6e-883d-50d0f5741da3"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Dec-2023 06:12:30 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2460:u=1:x=1:i=1671603150:t=1671689550:v=2:sig=AQEzGrgTRLAvpcXajptU_U_meAYgdPyl"; Expires=Thu, 22 Dec 2022 06:12:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXwUHAApbuVRD+hQubsjA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5C7D3E4B9D0E4ED3BE5B32999B6C6132 Ref B: OSL30EDGE0516 Ref C: 2022-12-21T06:12:30Z
date: Wed, 21 Dec 2022 06:12:30 GMT
content-length: 0
X-Firefox-Spdy: h2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2021%20Dec%202022%2006%3A12%3A48%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten
200 OK 43 B URL HTTP/2 sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2021%20Dec%202022%2006%3A12%3A48%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten
IP
ASN #34010 Yahoo! UK Services Limited
File type GIF image data, version 89a, 1 x 1\012- data
Hash bff56ce49dd485d195fdfa0a02342568
74fb4071deab7d3ab083562067b735df32c43397
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
GET /sp.pl?a=10000&d=Wed%2C%2021%20Dec%202022%2006%3A12%3A48%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&enc=UTF-8&yv=1.13.0&tagmgr=gtm%2Censighten HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:30 GMT
expires: Wed, 21 Dec 2022 06:12:30 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: image/gif
accept-ranges: bytes
content-length: 43
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBM6jomMCEEmfocGCEpkvT7K7w8w4hhIFEgEBAQH1o2OsYwAAAAAA_eMAAA&S=AQAAAg2Xnax9mvcdHoiiMTtLmr8; Expires=Thu, 21 Dec 2023 12:12:30 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
200 OK 3.8 kB URL HTTP/2 huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash f6c479853055d38531a9b5ca2a9e137d
c17bcee611ffa3b5d34df2931822291287471c9f
4226aed421ee54d2ad61ea6b91601a5a5ee1718e4a2342a29f6d9fa3466dc3b8
GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:30 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"5098-1671085566555"
last-modified: Thu, 15 Dec 2022 06:26:06 GMT
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
server: Nuance Server
X-Firefox-Spdy: h2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671603171081
302 Found 0 B URL HTTP/2 trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671603171081
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671603171081 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 21 Dec 2022 06:12:33 GMT
content-length: 0
location: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671603171081&try2=true
server: clinch
set-cookie: clinch-sid=557e4d5c-5ce1-4eab-8e9a-b53c907b5bb4; expires=Sat, 21 Dec 2024 06:12:33 GMT; domain=clinch.co; path=/; secure; samesite=none
X-Firefox-Spdy: h2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671603171081&try2=true
200 OK 79 B URL HTTP/2 trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671603171081&try2=true
IP
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 70c92fdbfdaad0989a68617939cf615c
4cc7e0778377d6e89b665e1741c798b9df21693a
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006
GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671603171081&try2=true HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://envipetro.co.za/
Connection: keep-alive
Cookie: clinch-sid=557e4d5c-5ce1-4eab-8e9a-b53c907b5bb4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:33 GMT
content-type: text/html
content-length: 79
server: clinch
cache-control: no-store
x-robots-tag: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674
200 OK 0 B URL HTTP/2 media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
GET /media/launch/chatLoader.min.js?codeVersion=1671085554674 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 01:07:42 GMT
accept-ranges: bytes
etag: W/"22376-1670548062000"
vary: accept-encoding
server: Nuance Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-azure-ref-originshield: 0kZyiYwAAAACK46KYN14wR46EVAP8S6zHQU1TMDRFREdFMTkwOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
x-azure-ref: 0zqOiYwAAAAB5EmE9e1sESoVE2e5Fr/rZU1ZHMjBFREdFMDYwOABjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
date: Wed, 21 Dec 2022 06:12:30 GMT
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.js.download
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /verify/huntington/activefjj/forg/toolkit.min.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1572503455894
200 OK 0 B URL HTTP/2 media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1572503455894
IP
GET /media/launch/tcFramework.min.js?codeVersion=1572503455894 HTTP/1.1
Host: media-lax1.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 06:12:30 GMT
content-type: application/javascript
last-modified: Tue, 26 Oct 2021 00:24:18 GMT
vary: Accept-Encoding
etag: W/"61774ab2-f2eab"
expires: Wed, 21 Dec 2022 07:12:30 GMT
cache-control: max-age=3600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=307932492.6360674&ClientID=1035&PageID=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html
200 OK 0 B URL HTTP/2 ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=307932492.6360674&ClientID=1035&PageID=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html
IP
GET /huntington/com/serverComponent.php?r=307932492.6360674&ClientID=1035&PageID=https%3A%2F%2Fenvipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 06:12:29 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Wed, 21 Dec 2022 06:12:28 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 4702aeea8654864963fc655b3a07aae2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: eoxa0K9vBL4mRinBcj8F-lfanpPUjrtTso0_ayjboUwAcbX6aE9CeQ==
content-encoding: gzip
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/tcFramework.min.js.download
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/tcFramework.min.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /verify/huntington/activefjj/forg/tcFramework.min.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
Cookie: loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:42 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:29 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/Bootstrap.js.download
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/Bootstrap.js.download
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /verify/huntington/activefjj/forg/Bootstrap.js.download HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
IP
ASN #46606 UNIFIEDLAYER-AS-1
GET /verify/huntington/activefjj/forg/toolkit.min.css HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://envipetro.co.za/verify/huntington/activefjj/processing.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 31 Oct 2019 09:12:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
X-Firefox-Spdy: h2
envipetro.co.za/verify/huntington/activefjj/processing.html
200 OK 0 B URL HTTP/2 envipetro.co.za/verify/huntington/activefjj/processing.html
IP
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert openphish Huntington Bank
GET /verify/huntington/activefjj/processing.html HTTP/1.1
Host: envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 21 Dec 2022 06:12:28 GMT
server: Apache
content-type: text/html
last-modified: Thu, 31 Oct 2019 23:51:56 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
X-Firefox-Spdy: h2
192.185.146.233
63.34.68.24
31.13.72.12
87.248.119.252
23.36.79.32
0.0.0.0