Report - mail.envipetro.co.za/verify/huntington/activefjj/processing.html

Report Overview

Submitted URL
mail.envipetro.co.za/verify/huntington/activefjj/processing.html
IP
192.185.146.233
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-12-21 05:43:20
Access
Website Title
Final URL
Tags
huntington financial phishing
urlquery detections
Phishing - Huntington

Detections

urlquery
44
Network Intrusion Detection
1
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	52.43.253.52
connect.facebook.net	139	2012-05-22T04:51:28Z	2023-03-09T05:09:57Z	800 B	116 kB	31.13.72.12
media-lax1.inq.com	41901	2016-05-03T09:58:42Z	2023-02-21T06:19:27Z	415 B	395 B	35.186.193.174
trk.clinch.co	5423	2014-12-18T19:54:09Z	2023-03-09T12:59:04Z	1.9 kB	1.3 kB	52.4.158.229
mail.envipetro.co.za	unknown	2019-05-28T23:48:28Z	2022-12-21T04:35:03Z	18 kB	930 kB	192.185.146.233
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
ocsp.godaddy.com	698	2012-05-20T21:28:57Z	2023-03-09T05:15:13Z	340 B	2.3 kB	192.124.249.22
media-us1.digital.nuance.com	8045	2020-11-15T15:29:59Z	2023-03-09T09:38:23Z	424 B	740 B	13.107.213.53
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.7 kB	7.1 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	4.1 kB	8.4 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	64 kB	34.120.237.76
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-09T08:09:16Z	1.1 kB	2.3 kB	13.107.42.14
cdn.linkedin.oribi.io	unknown	2022-10-19T16:36:39Z	2023-03-09T05:09:15Z	1.0 kB	1.1 kB	54.230.111.112
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	2.4 kB	5.5 kB	93.184.220.29
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	2.0 kB	48 kB	142.250.74.40
snap.licdn.com	1044	2014-10-06T10:43:45Z	2023-03-09T05:09:14Z	304 B	5.0 kB	23.36.76.121
huntingtonbank.inq.com	92998	2019-10-05T06:12:49Z	2023-02-27T06:12:48Z	403 B	2.9 kB	52.189.67.17
s.yimg.com	375	2012-05-21T00:45:00Z	2023-03-09T10:56:13Z	765 B	1.7 kB	87.248.119.251
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	3.1 kB	3.0 kB	142.250.74.131
www.google.com	7	2015-05-10T13:11:19Z	2023-03-09T13:38:50Z	3.1 kB	3.0 kB	216.58.207.228
www.facebook.com	99	2012-05-21T02:23:41Z	2021-02-04T00:31:35Z	737 B	349 B	31.13.72.36
cdn.clinch.co	7154	2016-06-28T16:52:48Z	2023-03-09T12:59:01Z	389 B	5.3 kB	95.101.10.121
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
www.huntington.com	56151	2014-08-03T09:06:58Z	2023-03-08T05:39:31Z	2.4 kB	83 kB	104.84.152.56
ensighten.huntingtonbank.com	91425	2019-02-13T12:49:10Z	2023-03-08T05:39:31Z	1.4 kB	39 kB	34.242.179.188
googleads.g.doubleclick.net	42	2021-02-20T16:43:32Z	2023-03-09T13:41:05Z	3.2 kB	7.5 kB	142.250.74.98

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2022-12-21 05:43:27	medium	192.185.146.233	Client IP	ET PHISHING Possible Phish - Saved Website Comment Observed

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (46)

	URL	Size	First Seen	Last Seen
	mail.envipetro.co.za/verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download	23 kB	2023-03-08	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-10 09:40:04 Times Seen1 Hash ce5bcd443a51a92cb69c81e378385ff7 8a9c94819da6cd1de1134dbb7c621db105e96686 1e272ea101eb4fe5a9fc713d50233cb4563d2a60a19fa75c08d06b82ef369ea2 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html	144 B	2023-03-08	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-10 09:38:49 Times Seen1 Hash 91eea0b33cc3ae16efa166466c337cab a1f39bc6cc5c6c6b73c012db61ad4391748e3af0 da6e0d45a46215839d382f30bf79350a1e1855849fecf7807a2bb51c36ffa9eb Loading...

	ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774	145 kB	2023-03-08	2023-09-14
Pretty URL ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 IP 34.242.179.188 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:59 Times Seen150 Hash 5828bc2a2ceaa2961527eedaf4167b77 166d54624e012273fa58054d82c8148435c6f51f d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28 Loading...

	www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c	183 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash d797584f3410f9648f410fe56fae6921 ce34821f24ab829fc73d2232d2e146dc788a8a90 2709e83e2d6ecb8763b8de608298f4743ddf38ec7f7b7eb2dcca0e41eb992866 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1671601408531&cv=11&fst=1671601408531&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1671601408531&cv=11&fst=1671601408531&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash 6b527ec6fbdecf03ea670ad960aef493 c7a940e62d1977b6b103c5ef1f3331c3adde3caf 7c78a24723a2ce8fd28e7cad645fced41d0dc63cca60ab190b42a8c61506279a Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1671601408549&cv=11&fst=1671601408549&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1671601408549&cv=11&fst=1671601408549&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash 6aa3725de54c80902e326f4aba61aa1e 65fa56f4a3728bc306b71f14aa89127f85d63fb3 c81221a01e134d6657cf4e5bd3ff8d22e0e9fc1b627267130b36a337965b2c4e Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js.download	19 kB	2023-03-08	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js.download IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-10 09:40:04 Times Seen1 Hash 6b7a96f1f8a421d0bd416c2ce3c1e4e3 59d9bf22fe000f57e5479c48e5db806bbb119eea 1dd11423ae34c6e8dd911874d3766ee0129fb062749b5d2bb15f5ca211e0dd12 Loading...

	media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674	22 kB	2023-03-09	2023-03-13
Pretty URL media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674 IP 13.107.213.53 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:16:20 Last Seen2023-03-13 13:05:10 Times Seen1 Hash 3c8bf7b4b77f4d6e74a3801c9389ce3b 7ee74897e116dbc817cf8d312d25ab49e23984f7 c989f3f65d9f4b9a70367cdf328c3b56b0cabcdf5792ff06d9cff7037adc1bf6 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/processing.html	22 B	2023-03-10	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/processing.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:23:30 Times Seen1 Hash aab7d086aa65d0b1dbe7f66c419030a3 d2147d7cd554da43ece7f5ee31005e0a9027e301 2e07a8ecce45d8aacb23f22726c59a3f866c915d5e827675004cb2f1605a068e Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/processing.html	18 B	2023-03-10	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/processing.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:23:30 Times Seen1 Hash 664fbeef69ace7899b68d36a53d818cb f6b1c7025d521c16bb968d56eb035be900bda85f 77cb438ddab2e19d7cba4750e21af770cb3f2dd6ae15714d31df8d7d7347a8a1 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/processing.html	18 B	2023-03-10	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/processing.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:23:30 Times Seen1 Hash 20ab6b5bafb5c74a995a2b9666fce41f b8986eaad8b7c52522b5a2d5b2539043e5356688 02647c8833429aed5339ebe67cffa9d92edde745f3078c56d2abb3a3828fff6e Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/processing.html	18 B	2023-03-10	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/processing.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:23:30 Times Seen1 Hash 4d64db417a011506caa10cad45181a67 e325178c68d9ff41d1d6c4c77b283793f2377e91 6333380f4302572cb04f51c56ecf7eacc524ca58bcc4a468c6e2355d45f3eca0 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 17:54:09 Times Seen37068571 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c	138 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash 126373bd924e4689602d71c5baaaed57 cd137d80471984a792b5965752c5d924f6d83544 bad55afa7f7df6a69b7fe5b17592e727f74eff07f65fd40d7fad99adc75c1464 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1671601408576&cv=11&fst=1671601408576&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1671601408576&cv=11&fst=1671601408576&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash 4b7d70012b95204909cb3075e6accca4 2879554034b184aaf6c0464282e260358a886dd3 64ef5d8067be263be79ba8c2b294c751717febbf3a07f0e46520c74b1defe67a Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1671601408594&cv=11&fst=1671601408594&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4	2.1 kB	2023-03-10	2023-03-10
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1671601408594&cv=11&fst=1671601408594&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash ee52a7bfd6b38dd856e3437807dc7b30 0a3c8ba861267e7b1dfade6dff21c5ea935666c3 d1e44b02af7801d17e5a731a6a09a4d3e9fca70c2f2f3aec8eedf8410e342c86 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/processing.html	18 B	2023-03-10	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/processing.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:23:30 Times Seen1 Hash 2f067956f02ba81ff9fec7a24b504dc4 63032541c41f4a3e4a2a10c0a05a8697647c5700 11c57e09c945361e853d2bcd9850417f87a8b22ef969853fca0035592e37c726 Loading...

	www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c	139 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash ce8a3f79efe4fa053ae3ea6a10a07087 780a5a2c55a8a873e9569c7ca5cc051f46bc6da6 97cb86288ebef2e2b8343572d5b7a5e03bebaedbf512b841af5341626b11a2fd Loading...

	cdn.clinch.co/a_js/client_pixels/clq/script.min.js	15 kB	2023-03-08	2023-09-14
Pretty URL cdn.clinch.co/a_js/client_pixels/clq/script.min.js IP 95.101.10.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:58 Times Seen111 Hash c12dd0f8c53c6d8f8a5c845a2f892307 5e880be41d047f1b7754e93e8a44347d28482702 b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-09	2024-02-19
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 08:43:47 Last Seen2024-02-19 23:40:48 Times Seen19 Hash 586b199afb02c136e3d1e5b2f1485659 903f39091ccbb0b910b7b76da2283bc8646b9290 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download	88 kB	2023-03-07	2024-04-25
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-25 17:41:25 Times Seen95509 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/chat-fab.js.download	20 kB	2023-03-07	2024-04-06
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/chat-fab.js.download IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2024-04-06 05:55:00 Times Seen247 Hash 2fb85e01b38ec473bd67a3ec442d9486 c3c6b95da9c8242f31cd0f3eb1399ca789f47ff7 bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e Loading...

	www.googletagmanager.com/gtag/js?id=DC-10701487	113 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=DC-10701487 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash c315b30d57fc34b1f2a853a4b6349b86 fcfe5c9d71b4a461451b2c40f974cec7b8d75cf9 04355bdea3ac27a06a65fce9c85924633cd6405d7dca0644036ed8a41c60d197 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/site-survey.js.download	7.5 kB	2023-03-08	2023-03-14
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/site-survey.js.download IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-14 12:59:02 Times Seen1 Hash 1a65820c72d98f4d44cd3fcde72aa16b 1a5bee80e401682ff2423f9726c56e6de5236fdd 4397b0132fad8771f4139a111a598d1159c3a8386083ba0bc9f429c80ee651cd Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/site_10006663_default.js.download	42 kB	2023-03-08	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/site_10006663_default.js.download IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-10 09:40:04 Times Seen1 Hash 716b797e721e222df96cfaa93ca8670d c1cab9e431f411bda610fe77e446af25d9eb0e74 7b6e4f78bd6d67254b0815e4991cad6e79fcf03fd2bd03ea465228df86060404 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce	63 kB	2023-03-07	2023-10-25
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:11 Last Seen2023-10-25 03:04:37 Times Seen5 Hash 81549b1f4f13ae790dd0fea0ec8c2686 ddbec0647d2496fd9476f2b86a60db8c99908b20 4993ce32b74b1f0d13a926f3f0a79dc7d1bf714ce38130b05068582f96e46899 Loading...

	huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js	5.1 kB	2023-03-09	2023-03-12
Pretty URL huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js IP 52.189.67.17 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 12:44:52 Last Seen2023-03-12 21:35:14 Times Seen1 Hash e046838643f129541f0c49408aafad8f d50c9812a9a783194e72adff87eadbc93e17fbf9 fe4478266750fa112bc0cf4a639a5f6a8884d5baeef3df354c67bd7141634213 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html	576 B	2023-03-08	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-10 09:40:04 Times Seen1 Hash a4476efd56bc97140996084e9f8d5dbc 8830c3eb9ab967a13d967c14ea0027f36f91f662 735b74e91d6421595812f1886e05f18baa8a5dda5697b06b2568964802cafc64 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/forg/Bootstrap.js.download	106 kB	2023-03-08	2023-03-14
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/forg/Bootstrap.js.download IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-14 12:59:02 Times Seen1 Hash 7ebf63df7b8c0dd7e2e1b96ad0ce91e2 69b5a1cb669759bdb4872db8c4bb35d19efd0127 039ce3ebc4d8b4bdb0870432c6584a0aefd1b697a5a8c5e05f5953fecf0a1fae Loading...

	ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=5.776189300785576&ClientID=1035&PageID=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html	319 B	2023-03-10	2023-03-10
Pretty URL ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=5.776189300785576&ClientID=1035&PageID=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html IP 34.242.179.188 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash 3fbc646a2d5c3edacb485f780b52f60c e28fc5c2682d0da880415634e8325e0aa523567d 5173e884aeb0c51c66f8b0ab819fe0c3054d8f5723d6b77bd3da90c41ac37f54 Loading...

	www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c	183 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:20:42 Times Seen1 Hash fae3217f0fe2f8a7672c660332d5397f 1a05034429c6713d1276e28d62a719e75f87dcdc 9f5163092894bb5c0a20f6fef48d604168fc892219c925bfe99e2b08a73ca914 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-09	2024-02-19
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 09:12:38 Last Seen2024-02-19 23:40:48 Times Seen21 Hash 8923a23f541784b67eece6aa2fa0a66f f2cad61f4ec65b3792e1295219a36c1f94fce6af 55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9 Loading...

	connect.facebook.net/signals/config/5140493269326436?v=2.9.90&r=stable	300 kB	2023-03-10	2023-03-10
Pretty URL connect.facebook.net/signals/config/5140493269326436?v=2.9.90&r=stable IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 05:37:53 Times Seen1 Hash c679bf2a759df5a86b905c5ea4f788fa 5932fbd0c92fb3a673935490015f8130c5b321df 41dadf0e5fa9e7c2218efd5e1377ada1d152202d064034833aa48ea1280d7e29 Loading...

	mail.envipetro.co.za/verify/huntington/activefjj/processing.html	3.2 kB	2023-03-10	2023-03-10
Pretty URL mail.envipetro.co.za/verify/huntington/activefjj/processing.html IP 192.185.146.233 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 00:20:42 Last Seen2023-03-10 00:23:30 Times Seen1 Hash 476d3606a1a0bd2e2651a4d34a1ae7ad 313e6339c19357d4e78b58cca5e4e2d5914bc702 2840e2b6822ed8b5dce8545a07e97c2f1f1e051324d0d66f2db23c28e9db6642 Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 662e2bc9ea40f7815fc14ec2384c8151	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 662e2bc9ea40f7815fc14ec2384c8151 85490b4fc3e79b718bee28aad635cdbf0a709ca6 3d151b0dcd0bd79e4e6a5ae0535d85337c94a8f5c9447fb13974d4f75e5ca361 Loading...

	#2 Eval - 2a8c58d31bff121aa3907026a152d737	28 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2a8c58d31bff121aa3907026a152d737 dcaa941e42ee5547ee017d615d309e59b1b57947 8a96d5c96f7c639f2c3d3fb2f4dc0da580f54d5e191f4674380da731e871bf1b Loading...

	#3 Eval - f0bcb6054760742619dd8232ef3c0a10	15 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash f0bcb6054760742619dd8232ef3c0a10 5a6da0191a9465a2060a531f8670dba8ec1de60b a86a4ccc459fd4c19c3bc96fc9d54597c33198af95ec665dfb7e729c53ba3c2e Loading...

	#4 Eval - 4edafc01dee4d31d150f7eef22cde69b	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 4edafc01dee4d31d150f7eef22cde69b 4e2cd90a697c35a575ce06ca65884193602962a0 a9a4ed8860c1ea2527c90e6bd39985850fd4a2627faad24560b2f3d877ea08d8 Loading...

	#5 Eval - 2fcadbf3619580c10de36fecbe9f9085	12 kB	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-10 09:40:05 Times Seen1 Hash 2fcadbf3619580c10de36fecbe9f9085 b74d14b75ecd6075e3d3d995d2b2becaaf0f40a4 839396110ecf53502c0d283b9ebaf3b58f02f1cb263883163ecba428e06eedeb Loading...

	#6 Eval - 117fa8c0b075bb7cadd673006628c0c2	30 kB	2023-03-08	2023-03-10
Pretty Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-10 09:40:05 Times Seen1 Hash 117fa8c0b075bb7cadd673006628c0c2 5446d75e873dd8c8847f410bff81ca80fd51e2a2 d5f768904105cc9dffa071723e280a6f700b74b8a307d1c5b9a4ce5d93ba6d7c Loading...

	#7 Eval - 7e39ed720ec93e5fad95e53d0dcdfaa1	18 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 7e39ed720ec93e5fad95e53d0dcdfaa1 d1e532e06d343982612146fe96f2ed1023d547fa f152bee9780f82664f1561f59d4cfb7a8aa6490e08066899276dda831b3f3b53 Loading...

	#8 Eval - 2ee58accb196af11debb695dc1b27a4d	20 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2ee58accb196af11debb695dc1b27a4d 683d57f49ae989c9bd8d09f9e6ca1c483010cc61 1ad74da51608a5830dc65b73a416e1182289e1e46f653e798c02b22f53d09e11 Loading...

	#9 Eval - 16434cb1948736e604365f82624577ee	23 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 16434cb1948736e604365f82624577ee 3bf3a89283ad989c0486bd7d04215d7adbdab884 ff00ecc4d338e97894d9afc638f3184b3ecab052c80d6b3377fbabe6afe3d71f Loading...

	#10 Eval - 561c579b1c992ddb6df4c14838c2f30c	22 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 561c579b1c992ddb6df4c14838c2f30c 76b6af2bdf3d11eb093a8d14bd665ba4f38638d9 594d5abbc9f4e285b8be7425b07db97f9c6306c800d8072081a003080ebd429f Loading...

	#11 Eval - cf868d8d47b14a245d9dd5763458f791	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash cf868d8d47b14a245d9dd5763458f791 41f2d7008670a86e5fba13ce3d67231b3fb55cfc 92b445b1a5af92ca2a9349d1a8237ad3cdb081b4d6388a7e99f35593c23be6bb Loading...

HTTP Transactions (125)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
048cda18c6dbe7c4e4b106f5e1104b0a
1bd6f3367ccf446263b00ad8c1ece15a4164730b
66a680d9b8e454db94e14d2c4a466891e538b2d83ccee0dc65be62163992b4e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "66A680D9B8E454DB94E14D2C4A466891E538B2D83CCEE0DC65BE62163992B4E0"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12787
Expires: Wed, 21 Dec 2022 09:16:16 GMT
Date: Wed, 21 Dec 2022 05:43:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2532
Expires: Wed, 21 Dec 2022 06:25:21 GMT
Date: Wed, 21 Dec 2022 05:43:09 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 21 Dec 2022 04:45:54 GMT
content-type: application/json
age: 3435
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f4b32de26d9af2cba6afcdcf716d3fb8
644ead4436a8f2fc1f0dd25e4484b64f6ed63347
525123034cb53d750d5ebd487015911452d2cd3c34301e6628f2f52f3f0bfc88

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "525123034CB53D750D5EBD487015911452D2CD3C34301E6628F2F52F3F0BFC88"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12095
Expires: Wed, 21 Dec 2022 09:04:44 GMT
Date: Wed, 21 Dec 2022 05:43:09 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 92hcPLm+jWlSca4FTjTRLhOYhATBQmraCfKig0x0m+RuEUK6GC3+/7Sqpss8GFAu1KSZY7Dt38vK5RkD6UPLtA==
x-amz-request-id: 8WHPNV3QQ61NQKGT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Dec 2022 04:55:15 GMT
age: 2874
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

mail.envipetro.co.za/verify/huntington/activefjj/processing.html

192.185.146.233

200 OK

38 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/processing.html
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3686)
Size
38 kB (37776 bytes)
Hash
084745df989b3bac64fae175debf2034
b47eebbc858ea71e91791c65d798fdeb3f072234
5b71f579930c3a8e11449f8ef8c637d7e8b7359a948026dd816add801b84480e

Detections

NIDS	Severity	Alert
suricata	medium	ET PHISHING Possible Phish - Saved Website Comment Observed

HTTP Headers

GET /verify/huntington/activefjj/processing.html HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: nginx/1.23.2
Content-Type: text/html
Last-Modified: Thu, 31 Oct 2019 23:51:56 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: HIT
Transfer-Encoding: chunked

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 05:43:09 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

mail.envipetro.co.za/verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download

192.185.146.233

200 OK

39 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65451)
Size
39 kB (38667 bytes)
Hash
efac5ec08a294b9719fa79a8452f93a2
58475b2c269b29313c16c3ee9a9e8a9bc6e80097
1d2a26f8aaf3ff0298a942711bf9b01dc2aef45e955031ec7935ca76549afc83

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/jquery-3.4.1.min.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

mail.envipetro.co.za/verify/huntington/activefjj/forg/chat-fab.js.download

192.185.146.233

200 OK

7.7 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/chat-fab.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (19644)
Size
7.7 kB (7650 bytes)
Hash
bf5689b8923263fd6b033aac877b032e
3df75cc33f1d65035b5374aaad24d45df06bb681
ed45217eccd6d351121aaa63d36d315c6b9626caea11725fabe4b2b2a5acd0ad

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/chat-fab.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 31 Oct 2019 09:12:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7650
Content-Type: application/javascript

mail.envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download

192.185.146.233

500 Internal Server Error

6.3 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (481)
Size
6.3 kB (6308 bytes)
Hash
eb151dd392a0644484b23d739bf1e6ed
3e4d4e7509a02e37f7f6442be91782e604a56414
1adede4a6b8bc662edc345dfadc65304f346ab71db94b67d83e02356afe1973e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/sp.pl.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 500 Internal Server Error
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 6308
Last-Modified: Sat, 01 Oct 2022 13:15:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close

mail.envipetro.co.za/verify/huntington/activefjj/forg/site-survey.js.download

192.185.146.233

200 OK

3.3 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/site-survey.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (7496), with CRLF line terminators
Size
3.3 kB (3288 bytes)
Hash
e7f68cf9f1b2c80ee3b115f4f267b25e
d8c2d8ac99ff59d4ed6acae7e9b810d1c92038b3
376b8a7535f91db0deacd7e8acd5e8964f216e3f7ed27fbc714346973eb83fe5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/site-survey.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3288
Content-Type: application/javascript

mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

192.185.146.233

200 OK

91 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
91 kB (90876 bytes)
Hash
363e73191610a49c0fa15748b7665616
9ab38a079b4afba921921c86861bebe5d4055a48
a0526232002065bf600a3d5704e1b105f4ab42f7a2b7308d1ae1c8536d3c8625

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/toolkit.min.css HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 31 Oct 2019 09:12:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/css

mail.envipetro.co.za/verify/huntington/activefjj/forg/sp.pl(1).download

192.185.146.233

200 OK

0 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/sp.pl(1).download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/sp.pl(1).download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: nginx/1.23.2
Content-Length: 0
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 21 Dec 2022 05:33:24 GMT
age: 585
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

mail.envipetro.co.za/verify/huntington/activefjj/forg/lockup.svg

192.185.146.233

200 OK

3.9 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/lockup.svg
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3937), with CRLF line terminators
Size
3.9 kB (3942 bytes)
Hash
760da63259e763df170dc8720b8d8a41
efd755d6b9efdb7ce688a77f4d68dee3498162eb
9ce0c7443f6975ac01655f26813947926a374c68f28289dd198fc6299203beed

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/lockup.svg HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:40 GMT
Accept-Ranges: bytes
Content-Length: 3942
Content-Type: image/svg+xml

mail.envipetro.co.za/verify/huntington/activefjj/forg/0

192.185.146.233

200 OK

0 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/0
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/0 HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: nginx/1.23.2
Content-Length: 0
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

mail.envipetro.co.za/verify/huntington/activefjj/forg/Bootstrap.js.download

192.185.146.233

200 OK

42 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/Bootstrap.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (579)
Size
42 kB (42042 bytes)
Hash
4028bf36a3e6bc2548e65adc7b666efa
62a6e951388e842f2f2169dec2250f3847aca705
b6af671b2b4d1baa7620bd98b77fd8a5677c373859b8c9e535c74c19fff638ce

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/Bootstrap.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 31 Oct 2019 09:12:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

mail.envipetro.co.za/verify/huntington/activefjj/forg/oo_icon_retina_black.gif

192.185.146.233

200 OK

3.3 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/oo_icon_retina_black.gif
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 18 x 18\012- data
Size
3.3 kB (3334 bytes)
Hash
a12e06853203ca600c1be91018b8b676
c8e2c4e88d37cb79ea9ddc3ed78186b409333912
62e5b1bb4bc6496956b943374fca10b7fee4af4dc15450b7772469f38b2e06b9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/oo_icon_retina_black.gif HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:40 GMT
Accept-Ranges: bytes
Content-Length: 3334
Content-Type: image/gif

mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff2

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff2
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.js.download

192.185.146.233

200 OK

164 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
164 kB (164048 bytes)
Hash
56df9e15520787cb9011b7ad87d79563
8fb9f9db5dae30a9d4b2f2e9d137cd77ff789a8b
98bf98a53efa961f149278db5a2840b2bce30ede31484db1ff56ecfa8eef2e1f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/toolkit.min.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Thu, 31 Oct 2019 09:12:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff2

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff2
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

mail.envipetro.co.za/verify/huntington/activefjj/forg/0(1)

192.185.146.233

200 OK

0 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/0(1)
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/0(1) HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Length: 0
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3435
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:10 GMT
Last-Modified: Wed, 21 Dec 2022 04:45:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3293
Cache-Control: max-age=160276
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:10 GMT
Etag: "63a25f25-1d7"
Expires: Fri, 23 Dec 2022 02:14:26 GMT
Last-Modified: Wed, 21 Dec 2022 01:19:33 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5508
Cache-Control: max-age=162491
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:10 GMT
Etag: "63a25f25-1d7"
Expires: Fri, 23 Dec 2022 02:51:21 GMT
Last-Modified: Wed, 21 Dec 2022 01:19:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a250ed505d8c0d5830cf5b6119d4e383
96552671acb11523ff277ec050768abb0eb25ab0
629f2b06fb50ff08303bc208da1c991b13b4a54287a74796f3f12adf790264e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 865
Cache-Control: max-age=157848
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:10 GMT
Etag: "63a25f25-1d7"
Expires: Fri, 23 Dec 2022 01:33:58 GMT
Last-Modified: Wed, 21 Dec 2022 01:19:33 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

mail.envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download

192.185.146.233

500 Internal Server Error

6.3 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/sp.pl.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (481)
Size
6.3 kB (6308 bytes)
Hash
eb151dd392a0644484b23d739bf1e6ed
3e4d4e7509a02e37f7f6442be91782e604a56414
1adede4a6b8bc662edc345dfadc65304f346ab71db94b67d83e02356afe1973e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/sp.pl.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 500 Internal Server Error
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 6308
Last-Modified: Sat, 01 Oct 2022 13:15:55 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Connection: close

mail.envipetro.co.za/verify/huntington/activefjj/loading.gif

192.185.146.233

200 OK

126 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/loading.gif
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 340 x 340\012- data
Size
126 kB (126069 bytes)
Hash
465f55188a4c0f479cfbad002c8b58c3
6bbce57136615ea6e5f956e6dd9145343b18e3e6
f5a419c0a6d36e8f7776dddf084522cbb8522ab3c2bd901f0da92f3e35e75af8

HTTP Headers

GET /verify/huntington/activefjj/loading.gif HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 23:44:58 GMT
Accept-Ranges: bytes
Content-Length: 126069
Content-Type: image/gif

mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff2

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff2
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2

104.84.152.56

200 OK

20 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
IP
104.84.152.56:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Size
20 kB (19976 bytes)
Hash
3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 19976
content-type: application/font-woff2
etag: "0f59ebaf2e3d81:0:dtagent10243220606153550xoQJ"
last-modified: Wed, 19 Oct 2022 19:41:05 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1316178220", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=478862
expires: Mon, 26 Dec 2022 18:44:12 GMT
date: Wed, 21 Dec 2022 05:43:10 GMT
X-Firefox-Spdy: h2

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2

104.84.152.56

200 OK

19 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP
104.84.152.56:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Size
19 kB (18636 bytes)
Hash
6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 18636
content-type: application/font-woff2
etag: "0f59ebaf2e3d81:0:dtagent10243220606153550xoQJ"
last-modified: Wed, 19 Oct 2022 19:41:05 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-591602681"
x-ua-compatible: IE=edge
cache-control: public, max-age=437454
expires: Mon, 26 Dec 2022 07:14:04 GMT
date: Wed, 21 Dec 2022 05:43:10 GMT
X-Firefox-Spdy: h2

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2

104.84.152.56

200 OK

21 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
IP
104.84.152.56:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Size
21 kB (20592 bytes)
Hash
a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 20592
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-397965887", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=847132
expires: Sat, 31 Dec 2022 01:02:02 GMT
date: Wed, 21 Dec 2022 05:43:10 GMT
X-Firefox-Spdy: h2

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2

104.84.152.56

200 OK

20 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
IP
104.84.152.56:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Size
20 kB (19712 bytes)
Hash
ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 19712
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1293310310", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=2147510
expires: Sun, 15 Jan 2023 02:15:00 GMT
date: Wed, 21 Dec 2022 05:43:10 GMT
X-Firefox-Spdy: h2

mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff2

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff2
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

mail.envipetro.co.za/verify/huntington/activefjj/forg/EHL_Black_HouseOnly.svg

192.185.146.233

200 OK

707 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/EHL_Black_HouseOnly.svg
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
707 B (707 bytes)
Hash
422002ff598ec781dc753d0627bec1ee
d440d6acb305d644a4ba824a28c97f04511aac95
4808c0ca2576dc18bf8df509199edef7a4a2b809fde09ecc6688f998e855486e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/EHL_Black_HouseOnly.svg HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Accept-Ranges: bytes
Content-Length: 707
Content-Type: image/svg+xml

mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-700.woff
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/muli-v11-latin-700.woff HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

mail.envipetro.co.za/verify/huntington/activefjj/forg/logo-honeycomb.svg

192.185.146.233

200 OK

844 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/logo-honeycomb.svg
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (841), with no line terminators
Size
844 B (844 bytes)
Hash
d7ce1f5e222e75801ed22741962ac64b
3cf38997840e2047e145a747cbb220cee28adaab
83e4d5829d43cb3723521baf4e6a8f7130f0bf91cb957ee14d9c7dde2d9ccb93

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/logo-honeycomb.svg HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Accept-Ranges: bytes
Content-Length: 844
Content-Type: image/svg+xml

mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html

192.185.146.233

200 OK

637 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (432)
Size
637 B (637 bytes)
Hash
e3d3a570a6e7476ff2a5c1b92bf148fc
05388fb247c7e1dda7bcc0bf795d5f47d57e227a
ef43c8adc400f18d7a9c01ae2122f74a9d2ad203cd0bb37d7e6f7960cc9c2932

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/nuanceChat.html HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 637
Last-Modified: Thu, 31 Oct 2019 09:12:44 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi.html

192.185.146.233

200 OK

475 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi.html
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (313)
Size
475 B (475 bytes)
Hash
20284bb64eaf3570d981ac82c780dd64
f65747e9e2b5f125a16fd563bcab0ef87e63524a
feb28fb750c69a04c87a4697b96d9bbb8d0d657df140cf153173249f9776df2c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/activityi.html HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 475
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/muli-v11-latin-300.woff
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/muli-v11-latin-300.woff HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

push.services.mozilla.com/

52.43.253.52

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.253.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gFQ5w7z7WzhNe4FFDkaENg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8nEi5fJX3kMEIALUDkXetlQBB2E=

mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff

192.185.146.233

404 Not Found

12 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
12 kB (11816 bytes)
Hash
a8063bd37d3c8fb3176a6bf140558a4d
e32cf4b407db3d3773ded13ff64b70fdbad7735f
bccb23d41c2cc69cf0c7d22c4314ca8181a513c6999b73e45307792830f4e482

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/toolkit.min.css

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Content-Length: 11816
Vary: Accept-Encoding
Content-Type: text/html

mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi(1).html

192.185.146.233

200 OK

468 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi(1).html
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (306)
Size
468 B (468 bytes)
Hash
ade204a9145cc594265253afe7cb905f
bc8e25b59afb25c3bc56fb5d98e111270c5b4389
26d0393246eed0d1ede4731580a1320f41d0b976e5de3d763f4be7794039f149

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/activityi(1).html HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 468
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi(2).html

192.185.146.233

200 OK

371 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi(2).html
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
371 B (371 bytes)
Hash
17129e91277986629517a89ca301dbfc
b13a862d16e8f29c449b5b227efe2cb7f62fb68a
b2cf6a8a642dbe371ec7fd0f466ca20ce44fee242c33d274abff80c99b3fe24c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/activityi(2).html HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 371
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=5.776189300785576&ClientID=1035&PageID=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html

34.242.179.188

200 OK

244 B

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=5.776189300785576&ClientID=1035&PageID=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html
IP
34.242.179.188:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (318)
Size
244 B (244 bytes)
Hash
4ea6f9f38bf40b02e75a2e2b1a819427
ae2d87956051f01d886baac804136183c6eb5a41
b42b7f893c1db930dbefd5de30af32c355ac5c1a18b42a520f132401cbb02963

HTTP Headers

GET /huntington/com/serverComponent.php?r=5.776189300785576&ClientID=1035&PageID=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 21 Dec 2022 05:43:09 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 d8e6d5a84eb26ff3b7d1801d7337b390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: l_n28Ygs61xk2UKTxKGWDkmKWcQUEQMLzXfnVOX-PIV2yfDyIjx67Q==
Content-Encoding: gzip

mail.envipetro.co.za/verify/huntington/activefjj/:abstract.simplenet.com/point.gif

192.185.146.233

404 Not Found

4.7 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/:abstract.simplenet.com/point.gif
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
4.7 kB (4677 bytes)
Hash
e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/:abstract.simplenet.com/point.gif HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4677
Content-Type: text/html

mail.envipetro.co.za/verify/huntington/activefjj/abstract.simplenet.com/point2.html

192.185.146.233

404 Not Found

4.7 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/abstract.simplenet.com/point2.html
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
4.7 kB (4677 bytes)
Hash
e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/abstract.simplenet.com/point2.html HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/processing.html

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 4677
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

mail.envipetro.co.za/verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download

192.185.146.233

200 OK

8.5 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (999)
Size
8.5 kB (8485 bytes)
Hash
2a8e8b3225dbfdcd6e4519082aa6fabd
46c9f0adc30a07c9725927ca75388dcfb714bb7e
b510bb32faa550cf92859dfdfeefac44f3a79bde95a78efe3d6764207b68e3d9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/inqChatLaunch10006663.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8485
Content-Type: application/javascript

mail.envipetro.co.za/verify/huntington/activefjj/forg/site_10006663_default.js.download

192.185.146.233

200 OK

14 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/site_10006663_default.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (21865)
Size
14 kB (13524 bytes)
Hash
d76b27abe4da5f9e8cc1db8a3a95b067
fee40136b8b716be0047509389a4b771586a27e1
75ca6b1e250760d5278c049b88e3958831f38876eda8e1968b4c8d75c1e6ce40

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/site_10006663_default.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13524
Content-Type: application/javascript

ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774

34.242.179.188

200 OK

37 kB

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
IP
34.242.179.188:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (557)
Size
37 kB (37281 bytes)
Hash
0de5f6cceb14db8cc7bf86ec19b57f9a
a8ee6ce86c42294fdfb2b902035c1d34ad527248
3f15b0d63296133b3341d2790bceaf92de56964dc4300f6e4119754de7b71d8f

HTTP Headers

GET /huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 25 Oct 2022 01:03:34 GMT
ETag: W/"5828bc2a2ceaa2961527eedaf4167b77"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e20527248be1eebaced63108ab7e73d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: nHrqRPMkSK86_J0beFDSV0g-1NGPLRhH9abtZylJpF3nAi2gjESd3A==
Age: 591604

www.huntington.com/Presentation/images/favicon-16x16.png

104.84.152.56

200 OK

322 B

URL HTTP/2
www.huntington.com/Presentation/images/favicon-16x16.png
IP
104.84.152.56:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
322 B (322 bytes)
Hash
55f45d358206ca31c4759defeea3be62
04c605b51629b94085bc2bd054b4e6c6989b2ffb
1c8581c1cc0ae1972eaf6022b377d3cb4c343f9c14d441376b1c546996685f51

HTTP Headers

GET /Presentation/images/favicon-16x16.png HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "0d42de2dc28d81:0"
last-modified: Wed, 08 Jun 2022 21:36:06 GMT
server: Akamai Image Manager
content-length: 322
content-type: image/webp
cache-control: private, no-transform, max-age=61146
expires: Wed, 21 Dec 2022 22:42:16 GMT
date: Wed, 21 Dec 2022 05:43:10 GMT
X-Firefox-Spdy: h2

mail.envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CLTq_MC0x-UCFa2pUQodVuwC7w

192.185.146.233

200 OK

42 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CLTq_MC0x-UCFa2pUQodVuwC7w
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/dc_pre=CLTq_MC0x-UCFa2pUQodVuwC7w HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Length: 42
Last-Modified: Thu, 31 Oct 2019 09:12:34 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.40

302 Found

252 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
252 B (252 bytes)
Hash
c911c6f4161cf68ee27d02ec0f268ff8
0bd040c44c96dd6b1b89613ffc4e48a0152eec95
c9fc67737c8a2913e73cf8ab458fbb11b1d39ea3302992eb0da094fe74954164

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=DC-10701487
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 252
X-XSS-Protection: 0

ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fforg%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException

34.242.179.188

204 No Content

0 B

URL HTTP/1.1
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fforg%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP
34.242.179.188:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fforg%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 2900c8bea7962de658e6de19988c7118.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: 7d-TH5LgASDa_Np3auxt8T4BXk6hD6VDgOSDPqOQW9EsD0bllbJAkQ==
Age: 7569

mail.envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CJae2MC0x-UCFUXk5god2JgMuw

192.185.146.233

200 OK

42 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CJae2MC0x-UCFUXk5god2JgMuw
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/dc_pre=CJae2MC0x-UCFUXk5god2JgMuw HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi(1).html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Length: 42
Last-Modified: Thu, 31 Oct 2019 09:12:34 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

mail.envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CKyG_cC0x-UCFVTk5godLMAPeQ

192.185.146.233

200 OK

42 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/dc_pre=CKyG_cC0x-UCFVTk5godLMAPeQ
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/dc_pre=CKyG_cC0x-UCFVTk5godLMAPeQ HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/activityi(2).html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Length: 42
Last-Modified: Thu, 31 Oct 2019 09:12:34 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

mail.envipetro.co.za/verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce

192.185.146.233

200 OK

63 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (62628), with no line terminators
Size
63 kB (62628 bytes)
Hash
81549b1f4f13ae790dd0fea0ec8c2686
ddbec0647d2496fd9476f2b86a60db8c99908b20
4993ce32b74b1f0d13a926f3f0a79dc7d1bf714ce38130b05068582f96e46899

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/9aa6326d0a213349d14536877709ce HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: nginx/1.23.2
Content-Length: 62628
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (44187 bytes)
Hash
8c7550675d1b31e3b192892c8e54ee0c
269fc2e9cdd67b987e290fbde517c869c385462c
c310a2d2a8d9f9713e52a3774370e8c4c85ee8af4bdde34876d8b8e6dbfbc92f

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.envipetro.co.za/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Dec 2022 05:43:10 GMT
expires: Wed, 21 Dec 2022 05:43:10 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
df9ee05cc140f619a69b770c388c33df
c07e052104e98a1176dd6512fc01b6075b4865a5
2d628f50fb563fcb6c30ad985277f59e0bdf4f240ecedfb3b1e5aa70aeae17d4

HTTP Headers

GET /gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
70c1096689fc71f2152ebe6c5c26cd78
06096e48d46a7e2cae7bc7a369ab729910f4473d
84dcca42231d9c3689703524bf60a2cca448645ee6559dbe43c9c0498efc391b

HTTP Headers

GET /gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
9a5925fe9faff42cc8390efdc5e2eff8
39ca642317be780d118d5ff62197921098af3e08
7e8b8a5e18a9d993d5b47ac50b123a45aba9d25df045d0b833dc7e552eb7079f

HTTP Headers

GET /gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
211253e14e3774c27f057fd79c6f3297
117ffcb6132283d4854b262e6d7bf74dc93333a9
1f8edff0043067941ef114cc6d71502f1bfb8dd829a3a61723d6fffc484cd577

HTTP Headers

GET /gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

cdn.clinch.co/a_js/client_pixels/clq/script.min.js

95.101.10.121

200 OK

4.6 kB

URL HTTP/1.1
cdn.clinch.co/a_js/client_pixels/clq/script.min.js
IP
95.101.10.121:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (14797), with no line terminators
Size
4.6 kB (4567 bytes)
Hash
87474300d7f17748e3ed24b42d4bee2b
9d2c3a1f2b9cffdcb309ea2a2b13bed7b693042c
0388ad3b8fc80cfb336b71fabe7c01a2a8d8ff699fb448f4105a7d9ff5f680ef

HTTP Headers

GET /a_js/client_pixels/clq/script.min.js HTTP/1.1
Host: cdn.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: GOUPBDUqUrWxvP4/HKrzDYlrArfvlOmQz/pa4jdSpy+ixsYiakPlmO04sxkhp2bewI29qI1gmfQ=
x-amz-request-id: C4V9F73KCAC1YNPX
Last-Modified: Tue, 11 Jan 2022 12:52:46 GMT
ETag: "666e09028e21421106f9ecd0ceb1ddac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=25765851
Expires: Sun, 15 Oct 2023 10:54:01 GMT
Date: Wed, 21 Dec 2022 05:43:10 GMT
Content-Length: 4567
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Access-Control-Allow-Origin: *

mail.envipetro.co.za/verify/huntington/activefjj/forg/tcFramework.min.js.download

192.185.146.233

200 OK

175 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/tcFramework.min.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (3096)
Size
175 kB (174681 bytes)
Hash
c07430b0653d2aabb82ae7204b80b23e
f708cae78c7201839f334773087461e4ef3326b9
c2e21ee5ea5519788382bc1840f298f947acc0f1ce0f9029d8c97264da31834a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/tcFramework.min.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:10 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bb120a816fcf4f6afe7a3aeab18e7bbd
1f15e81595a0b524a2401d5566beaa0b8d4f61e6
cca2f14595c5ba6446c4e522883036fa07e31599909870ad42bc678587b1a91d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2918
Cache-Control: max-age=111233
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Etag: "63a1a10a-1d7"
Expires: Thu, 22 Dec 2022 12:37:04 GMT
Last-Modified: Tue, 20 Dec 2022 11:48:26 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27298 bytes)
Hash
8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: FyOvF+Srt+T448m6HPYrhKvOs+Nsm12mqb34dHUpLLJ/xbiidDBY8TjEoLOTlrM8PZwyY8FHIduUyot0/dqAYw==
priority: u=3,i
content-length: 27298
x-fb-trip-id: 2074150462
date: Wed, 21 Dec 2022 05:43:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1671601408576&cv=11&fst=1671601408576&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.98

200 OK

956 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1671601408576&cv=11&fst=1671601408576&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2117), with no line terminators
Size
956 B (956 bytes)
Hash
757d8be854c49f33de5171470d19519c
746c3a05318ed56571ff847ae445c48404c0dd2a
4c7a0bd21ce620a142d55b978ef73e5a6f72922cdfde8e11b3000a0280579928

HTTP Headers

GET /pagead/viewthroughconversion/391028924/?random=1671601408576&cv=11&fst=1671601408576&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 956
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Dec-2022 05:58:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
bb120a816fcf4f6afe7a3aeab18e7bbd
1f15e81595a0b524a2401d5566beaa0b8d4f61e6
cca2f14595c5ba6446c4e522883036fa07e31599909870ad42bc678587b1a91d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4207
Cache-Control: max-age=112522
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Etag: "63a1a10a-1d7"
Expires: Thu, 22 Dec 2022 12:58:33 GMT
Last-Modified: Tue, 20 Dec 2022 11:48:26 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1671601408531&cv=11&fst=1671601408531&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.98

200 OK

955 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1671601408531&cv=11&fst=1671601408531&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2117), with no line terminators
Size
955 B (955 bytes)
Hash
70f0170848eb4b318629d1297b7d1362
bfceaaacbb0abe0e64b30e59b75c1bd804c166f1
c7be9739cdb16e3dcf81500a26bec66a556f06d1c5044f6d0242b047fb4a6f4c

HTTP Headers

GET /pagead/viewthroughconversion/849073348/?random=1671601408531&cv=11&fst=1671601408531&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 955
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Dec-2022 05:58:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1671601408549&cv=11&fst=1671601408549&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.98

200 OK

956 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1671601408549&cv=11&fst=1671601408549&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2117), with no line terminators
Size
956 B (956 bytes)
Hash
185c1c07671d50e7ebaa02f127d38fab
34b0552e64e30cd081ea45eb461cbba4b907bdc3
59e9beae70f276f438526f0220cc340447697876d86039ce911d0d18a0e5383c

HTTP Headers

GET /pagead/viewthroughconversion/786635084/?random=1671601408549&cv=11&fst=1671601408549&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 956
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Dec-2022 05:58:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1671601408594&cv=11&fst=1671601408594&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.98

200 OK

957 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1671601408594&cv=11&fst=1671601408594&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2117), with no line terminators
Size
957 B (957 bytes)
Hash
dd5e45913e3664abab72e09befe06434
c7ed048602f38c4face00077e4921f06c6848341
84fc4d0301ee269783fecd8af014661d57844914d1758095cb31209833332709

HTTP Headers

GET /pagead/viewthroughconversion/849063932/?random=1671601408594&cv=11&fst=1671601408594&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1981803669.1671601408&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 957
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 21-Dec-2022 05:58:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/signals/config/5140493269326436?v=2.9.90&r=stable

31.13.72.12

200 OK

86 kB

URL HTTP/2
connect.facebook.net/signals/config/5140493269326436?v=2.9.90&r=stable
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64471)
Size
86 kB (86074 bytes)
Hash
b5e0e5b989c59c402bf382c16d016dab
c2de33c684f36f71ce376a951292bc68f682f7f0
e5566e85de21cd0e67d3141ca630af22bbe6f408cec9f316a39dc70180a5f6ad

HTTP Headers

GET /signals/config/5140493269326436?v=2.9.90&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6fobaPSwFKLnCp53QMXjtLzK2T0HCBoVRz9yUNPU9UeVesIi/wDV0gNC0oCWaqPJMhRGlyE9TKBMH5JjHLjUDg==
priority: u=3,i
content-length: 86074
x-fb-trip-id: 2074150462
date: Wed, 21 Dec 2022 05:43:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8332beb6c78411d1a00505e36f5a13df
d9793605d82cc92419d2ba9140e1b8b2905da31b
665b79a0c3e5812e9921688d82b229c49fe77f8372562fe015f12f6f56b67ee9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "665B79A0C3E5812E9921688D82B229C49FE77F8372562FE015F12F6F56B67EE9"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 21 Dec 2022 11:43:11 GMT
Date: Wed, 21 Dec 2022 05:43:11 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/849073348/?random=1671601408531&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3809616006&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849073348/?random=1671601408531&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3809616006&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1671601408531&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3809616006&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/786635084/?random=1671601408549&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1135153147&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/786635084/?random=1671601408549&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1135153147&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1671601408549&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1135153147&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&rl=&if=false&ts=1671601408791&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1671601408790.1575728417&it=1671601408676&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=853220eb-4a3d-4d1f-8d07-719bcaec51e1&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&rl=&if=false&ts=1671601408791&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1671601408790.1575728417&it=1671601408676&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=853220eb-4a3d-4d1f-8d07-719bcaec51e1&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&rl=&if=false&ts=1671601408791&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.2.1671601408790.1575728417&it=1671601408676&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=853220eb-4a3d-4d1f-8d07-719bcaec51e1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 21 Dec 2022 05:43:11 GMT
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/391028924/?random=1671601408576&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2730044907&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/391028924/?random=1671601408576&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2730044907&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1671601408576&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2730044907&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/786635084/?random=1671601408549&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1135153147&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/786635084/?random=1671601408549&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1135153147&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1671601408549&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1135153147&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849063932/?random=1671601408594&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1772114727&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849063932/?random=1671601408594&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1772114727&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1671601408594&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1772114727&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849073348/?random=1671601408531&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3809616006&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849073348/?random=1671601408531&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3809616006&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1671601408531&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3809616006&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/849063932/?random=1671601408594&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1772114727&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849063932/?random=1671601408594&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1772114727&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1671601408594&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1772114727&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8332beb6c78411d1a00505e36f5a13df
d9793605d82cc92419d2ba9140e1b8b2905da31b
665b79a0c3e5812e9921688d82b229c49fe77f8372562fe015f12f6f56b67ee9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "665B79A0C3E5812E9921688D82B229C49FE77F8372562FE015F12F6F56B67EE9"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Wed, 21 Dec 2022 11:42:12 GMT
Date: Wed, 21 Dec 2022 05:43:11 GMT
Connection: keep-alive

www.google.com/pagead/1p-user-list/391028924/?random=1671601408576&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2730044907&rmt_tld=0&ipr=y

216.58.207.228

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/391028924/?random=1671601408576&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2730044907&rmt_tld=0&ipr=y
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1671601408576&cv=11&fst=1671598800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2730044907&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Dec 2022 05:43:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.163

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
97216d9347c0d3c1bab297df919688d5
61eca83749fd58d5ce753bf65419435d522c2ce5
7277b81f23f6516aa706c00202e0705421837431095d5b1f7fb0f283ab5736ff

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mail.envipetro.co.za/resources/9aa6326d0a213349d14536877709ce

192.185.146.233

200 OK

4.7 kB

URL HTTP/2
mail.envipetro.co.za/resources/9aa6326d0a213349d14536877709ce
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
4.7 kB (4677 bytes)
Hash
e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

POST /resources/9aa6326d0a213349d14536877709ce HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 869
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Dec 2022 05:43:11 GMT
server: Apache
content-type: text/html
content-length: 4677
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html

192.185.146.233

200 OK

614 B

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (572)
Size
614 B (614 bytes)
Hash
f55378c87e0092d3258f720ff87ccaf9
b7c241737a812a96561ffced58a9e7e76663a006
6293a9065aab02790379ff45bc1ffe1aef82d9aaeed76461940ca6c1c52577cd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/postToServer.min.html HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/nuanceChat.html
Cookie: _gcl_au=1.1.1981803669.1671601408
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:11 GMT
Server: nginx/1.23.2
Content-Type: text/html
Content-Length: 614
Last-Modified: Thu, 31 Oct 2019 09:12:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.121

200 OK

4.7 kB

URL HTTP/1.1
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (13063)
Size
4.7 kB (4654 bytes)
Hash
bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/

HTTP/1.1 200 OK
Last-Modified: Thu, 15 Dec 2022 18:31:06 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=86300
Date: Wed, 21 Dec 2022 05:43:11 GMT
Content-Length: 4654
Connection: keep-alive
X-CDN: AKAM

mail.envipetro.co.za/resources/9aa6326d0a213349d14536877709ce

192.185.146.233

200 OK

4.7 kB

URL HTTP/2
mail.envipetro.co.za/resources/9aa6326d0a213349d14536877709ce
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
4.7 kB (4677 bytes)
Hash
e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

POST /resources/9aa6326d0a213349d14536877709ce HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 931
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Dec 2022 05:43:11 GMT
server: Apache
content-type: text/html
content-length: 4677
last-modified: Sat, 01 Oct 2022 13:16:52 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js.download

192.185.146.233

200 OK

7.6 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js.download
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Java source, ASCII text, with very long lines (859)
Size
7.6 kB (7629 bytes)
Hash
a37e1a7452a0bb64dddff33c9b7a850c
5efb170ddb995643479c09bf3b06f1c7f253b7ee
c75a0b8cc8d182ecfd3efa8cd5b167e1bf33e2a3b68d151a99e6e3cc228e92ec

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/postToServer.min.js.download HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html
Cookie: _gcl_au=1.1.1981803669.1671601408; _fbp=fb.2.1671601408790.1575728417

HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 05:43:11 GMT
Server: Apache
Last-Modified: Thu, 31 Oct 2019 09:12:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7629
Content-Type: application/javascript

mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js

192.185.146.233

404 Not Found

4.7 kB

URL HTTP/1.1
mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.js
IP
192.185.146.233:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Size
4.7 kB (4677 bytes)
Hash
e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /verify/huntington/activefjj/forg/postToServer.min.js HTTP/1.1
Host: mail.envipetro.co.za
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/verify/huntington/activefjj/forg/postToServer.min.html
Cookie: _gcl_au=1.1.1981803669.1671601408; _fbp=fb.2.1671601408790.1575728417

HTTP/1.1 404 Not Found
Date: Wed, 21 Dec 2022 05:43:11 GMT
Server: Apache
Last-Modified: Sat, 01 Oct 2022 13:16:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4677
Content-Type: text/html

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4055
Expires: Wed, 21 Dec 2022 06:50:46 GMT
Date: Wed, 21 Dec 2022 05:43:11 GMT
Connection: keep-alive

huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

52.189.67.17

200 OK

2.5 kB

URL HTTP/2
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP
52.189.67.17:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
2.5 kB (2477 bytes)
Hash
e08e6c686af54f690a54b32c9daca1f4
d4feafc33fdf3e032eeccfdb12ebbbf8953c6921
842421d97ea686b5f49249dfd18f84ec93f7810970194c5f2e6e29a090ab1e87

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 21 Dec 2022 05:43:11 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"5098-1671085566555"
last-modified: Thu, 15 Dec 2022 06:26:06 GMT
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
server: Nuance Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4055
Expires: Wed, 21 Dec 2022 06:50:46 GMT
Date: Wed, 21 Dec 2022 05:43:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4055
Expires: Wed, 21 Dec 2022 06:50:46 GMT
Date: Wed, 21 Dec 2022 05:43:11 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a093de-42e4-4a82-ae88-ffa4606c2565.jpeg

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a093de-42e4-4a82-ae88-ffa4606c2565.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6809 bytes)
Hash
5ee781b4dac0e5f31cad54166a2bf7ae
a5357119d272bbe12c5b04ce485adde44baab79e
888def1ab766561e373c83c6e9479a0ac0a8644f92bcf02ebf4cd110d0f53579

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25a093de-42e4-4a82-ae88-ffa4606c2565.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6809
x-amzn-requestid: 392b7c42-81b7-4ab8-84bc-e2bc48eb6c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dX5RAE19oAMFVKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639fd59f-78738e5d7cec75db6ccc5507;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 03:08:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: khJQIYa8pgVvRmBe4gdU5a8InsztW9pdj0wBDk7Ih-W4wJjNJm-GTg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 23:25:25 GMT
age: 22666
etag: "a5357119d272bbe12c5b04ce485adde44baab79e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7928 bytes)
Hash
da9b0930ee2249c6e7e1f83890414427
f064f1c66751a7fd57cc2e5bd4de7f0056280201
51f358162f132a7df1894f1f55e14a49facda33efa4339310cc4be2c30fb3bec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fa8a62f-ea22-4322-aa22-949d8110171e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7928
x-amzn-requestid: 7ac71ec7-3ebb-4564-909f-5cd431e52cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dBW08HOJoAMFr5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6396d1b9-3ccebae6692c2e0878bb0368;Sampled=0
x-amzn-remapped-date: Mon, 12 Dec 2022 07:01:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EUZ2sQCyn9plyTLHdd3W3rL561sn2K02u__wR8B3e_uXnn4bu61ZVg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 04:50:59 GMT
age: 3132
etag: "f064f1c66751a7fd57cc2e5bd4de7f0056280201"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F743a20e0-8fa8-4f0d-a2d1-8daba4b14e8c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3778 bytes)
Hash
d38ef34d93be3d43e11e9d64a419a1be
1e5712d83360b5c2073d422ba21160b86b3f55d7
a8017c2122c268d971420a7b79baec22ed16eb5f429829e3b126c581ae4916f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F743a20e0-8fa8-4f0d-a2d1-8daba4b14e8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3778
x-amzn-requestid: 40c9f289-af55-4826-a8de-8a725fa7a8ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_BF0koAMFwpg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-6b08a4826a0c265076fe1a1d;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: daOK81EYDnOGiyxGp_bXM6elZq5Tk8_tP9bxxDW3p-ch2w6vF2aAxw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:54:28 GMT
age: 28123
etag: "1e5712d83360b5c2073d422ba21160b86b3f55d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11535 bytes)
Hash
d4aa7e9e3fe28e9c401786f7415171f7
8482a47175ff105957d640269bc14ee1fbc97448
2215ff2537f927e2baf4f713fc947afefc83b416719113ce516aa00f2a4e0708

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 4fb9a698-c429-49e1-a2c5-b9388f03b044
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: daGQIEuSoAMFnBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0b733-53b8088f0d8863f813b9967e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 19:10:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MiX_AJgXGldkYjkeHO1OUPzraljox6v7B1M54cJPBdmfUZ7QETowOw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:55:36 GMT
age: 28055
etag: "8482a47175ff105957d640269bc14ee1fbc97448"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15929 bytes)
Hash
fe10e1948eda329f8af1bb3549282c3d
68bc80d4e1cf43094452a666950d44788c6e561b
af172978ad005988e99eba1625443b87a287ae5bf371c1637c2fbc926adefa83

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15929
x-amzn-requestid: 5464c25f-83e6-446d-8809-47f2b016432c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKcIqG95oAMFvqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a73d0-2d68c5222d56e6ce6fc14b56;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 01:09:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RBW6zF1yDdhEe4venG9tUgHAQx7KObjYI5wFN3mNCVyo4Lw02wEPuw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 23:54:53 GMT
age: 20898
etag: "68bc80d4e1cf43094452a666950d44788c6e561b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11295 bytes)
Hash
da0372fd2038366c47d4eaff7e31c329
48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0
f0e09b0931450057e6b5f7fdd6d73de0702b170497d7075464edc168ea74a4a3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe13fbed7-47cd-444b-bdd5-a6ea6c1102ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11295
x-amzn-requestid: 6823faac-46cb-4212-a728-aed7b997f246
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dX5RdE1dIAMFVtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639fd5a2-59711c5a6982c90f570c2d7d;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 03:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XGQzOuP7MH_7Aw50JqT_CkFnnooFfvm55rNQWsCKE7X9ZHN5eeiCMQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 04:45:01 GMT
age: 3490
etag: "48a7cd1908c184cbecbb67fd3ec5e5a9208dadf0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671601408955&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671601408955&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=291554&time=1671601408955&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D291554%26time%3D1671601408955%26url%3Dhttp%253A%252F%252Fmail.envipetro.co.za%252Fverify%252Fhuntington%252Factivefjj%252Fprocessing.html%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKhY8y8r9WmOwAAAYUzNQe8Z3He_2wXwiOUK_ji-2SsgCU0FfW35K8qhANw2xmbZxA6E5QX6ZwjSg; Max-Age=2592000; Expires=Fri, 20 Jan 2023 05:43:11 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJ-zd-eQP6ATQAAAYUzNQe88mJC-oFwwF72_OkuSL0KMKmsw-aXuhY522hsbeT1eKEtgAZqGFsoboqG6rjcRw; Max-Age=2592000; Expires=Fri, 20 Jan 2023 05:43:11 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&54e4bd4a-f6f1-4fb8-8a9e-273aaf2e1ce2"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Dec-2023 05:43:11 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2460:u=1:x=1:i=1671601391:t=1671687791:v=2:sig=AQEvCtbTW0tfakcQw3Guph1PHBpI6O7d"; Expires=Thu, 22 Dec 2022 05:43:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXwUAcmD8f0xXC9d8eENg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 94017A9ACF80412FBBDC872B70640583 Ref B: OSL30EDGE0307 Ref C: 2022-12-21T05:43:11Z
date: Wed, 21 Dec 2022 05:43:10 GMT
content-length: 0
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/291554/domain/mail.envipetro.co.za/token

54.230.111.112

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/mail.envipetro.co.za/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

OPTIONS /partner/291554/domain/mail.envipetro.co.za/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://mail.envipetro.co.za/
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Tue, 20 Dec 2022 20:35:36 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eiRHxAIt3ozaQr9KKwW9JJ3cr5o6m-lLJNYu8GP5PsqTFEdckhzYLw==
age: 32855
X-Firefox-Spdy: h2

s.yimg.com/wi/config/10030245.json

87.248.119.251

200 OK

22 B

URL HTTP/2
s.yimg.com/wi/config/10030245.json
IP
87.248.119.251:0
ASN
#203220 Yahoo! UK Services Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
22 B (22 bytes)
Hash
14293ad9ad0ffaf9f7a3acf1b0793b66
718dea6b65b9516e5e33fac53451056397deb255
73a1b438b0221511fb3dde18e019f5ab045811b2248d25d424e40980c683a9dc

HTTP Headers

GET /wi/config/10030245.json HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: Q2BBM4AZBX8RCMKR
x-amz-id-2: L4aXUV91qDNLhgUpW5b3RBVA7XsVAnvgnFVk9p5yx9R09L+iua0uFMAcsxbJqtXJHinBbNcpGP9KlFRPXuHNKg==
content-type: application/json
date: Wed, 21 Dec 2022 05:43:11 GMT
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: public,max-age=3600
age: 0
content-encoding: gzip
content-length: 22
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
38fa92bdf98fc456409896c6c302f69f
8c945178c08b7917a499ff7a64cc2d4560142073
a85f335d892bb8e74a6556cc459d3419d11b9c2b6b7631baa2e0c938457e7b5a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=164185
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 05:43:11 GMT
Etag: "63a27b48-1d7"
Expires: Fri, 23 Dec 2022 03:19:36 GMT
Last-Modified: Wed, 21 Dec 2022 03:19:36 GMT
Server: nginx
Content-Length: 471

px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671601408955&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=291554&time=1671601408955&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=291554&time=1671601408955&url=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.envipetro.co.za/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&2589f4d3-dfad-4417-850b-38f01c1e4f69"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Dec-2023 05:43:12 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2460:u=1:x=1:i=1671601392:t=1671687792:v=2:sig=AQFhTdpdqCxLQuA6KeTZygZ66lCWupnx"; Expires=Thu, 22 Dec 2022 05:43:12 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXwUAcu7mlkRQaa2+ZhWg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E8979E0D3A7F461FBCE9A9523B83EB53 Ref B: OSL30EDGE0307 Ref C: 2022-12-21T05:43:12Z
date: Wed, 21 Dec 2022 05:43:11 GMT
content-length: 0
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/291554/domain/mail.envipetro.co.za/token

54.230.111.112

200 OK

105 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/mail.envipetro.co.za/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type
data
Size
105 B (105 bytes)
Hash
7296b6c8f8108cecc713e0df1dcacadd
32afc82c706cd81618cc4837bde4650a40b86a5a
50160213cd439a5c99951618e61da3e37ce8074486b55dc1c0e8d968bbb3ea45

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Huntington

HTTP Headers

GET /partner/291554/domain/mail.envipetro.co.za/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://mail.envipetro.co.za
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Wed, 21 Dec 2022 04:52:18 GMT
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: J8cOT_Tu0kI5t9zh5ICTeTyjWLyjwZfqO-SLFqTNa4Yy41fiIzsxfw==
age: 3053
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603

52.4.158.229

301 Moved Permanently

134 B

URL HTTP/1.1
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603
IP
52.4.158.229:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 21 Dec 2022 05:43:14 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://trk.clinch.co:443/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603

52.4.158.229

302 Found

0 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603
IP
52.4.158.229:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.envipetro.co.za/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 21 Dec 2022 05:43:15 GMT
content-length: 0
location: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603&try2=true
server: clinch
set-cookie: clinch-sid=8f5fa531-a83f-424f-9aaf-c6d26a537c71; expires=Sat, 21 Dec 2024 05:43:15 GMT; domain=clinch.co; path=/; secure; samesite=none
X-Firefox-Spdy: h2

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603&try2=true

52.4.158.229

200 OK

79 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603&try2=true
IP
52.4.158.229:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
79 B (79 bytes)
Hash
70c92fdbfdaad0989a68617939cf615c
4cc7e0778377d6e89b665e1741c798b9df21693a
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Fmail.envipetro.co.za%2Fverify%2Fhuntington%2Factivefjj%2Fprocessing.html&version=3.4&a=1671601411603&try2=true HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://mail.envipetro.co.za/
Connection: keep-alive
Cookie: clinch-sid=8f5fa531-a83f-424f-9aaf-c6d26a537c71
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 21 Dec 2022 05:43:15 GMT
content-type: text/html
content-length: 79
server: clinch
cache-control: no-store
x-robots-tag: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.22

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.22:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
9f039d080abef5cb35003ed8d2de44fe
6c8a49bbdbaa3968b041ecedb0883afa8e42ff89
76e1e41ee5640c671ebacc0884366f30ccb6989d1784f7834a7cee531d4c8ec5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 21 Dec 2022 05:43:16 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 21 Dec 2022 00:00:11 GMT
Expires: Thu, 22 Dec 2022 00:00:11 GMT
ETag: "6c8a49bbdbaa3968b041ecedb0883afa8e42ff89"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1572503455894

35.186.193.174

200 OK

0 B

URL HTTP/2
media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1572503455894
IP
35.186.193.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/tcFramework.min.js?codeVersion=1572503455894 HTTP/1.1
Host: media-lax1.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 05:43:11 GMT
content-type: application/javascript
last-modified: Tue, 26 Oct 2021 00:24:18 GMT
vary: Accept-Encoding
etag: W/"61774ab2-f2eab"
expires: Wed, 21 Dec 2022 06:43:11 GMT
cache-control: max-age=3600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

0 B

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:0
ASN
#203220 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: vv0Et3EGGUcJ6hCm6yfCKav3zInRccENBV68mJDTcRj+z6OMfI6p+gH+fKuLOj8Mln7yX1VDC4w=
x-amz-request-id: BR1NC2TTA2E40854
date: Wed, 21 Dec 2022 05:41:05 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 127
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674

13.107.213.53

200 OK

0 B

URL HTTP/2
media-us1.digital.nuance.com/media/launch/chatLoader.min.js?codeVersion=1671085554674
IP
13.107.213.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/chatLoader.min.js?codeVersion=1671085554674 HTTP/1.1
Host: media-us1.digital.nuance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.envipetro.co.za/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public, max-age=3600
content-type: application/javascript
content-encoding: gzip
last-modified: Fri, 09 Dec 2022 01:07:42 GMT
accept-ranges: bytes
etag: W/"22376-1670548062000"
vary: accept-encoding
server: Nuance Server
x-cache: TCP_HIT
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-azure-ref-originshield: 0kZyiYwAAAACK46KYN14wR46EVAP8S6zHQU1TMDRFREdFMTkwOQBjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
x-azure-ref: 08JyiYwAAAAAywo1YE0I/T6kHAYeumTffU1ZHMjBFREdFMDYxOABjYjRkNDNkNS0zNDI3LTQyZTMtYTYwZi1mMzBiYWVmMmZlM2M=
date: Wed, 21 Dec 2022 05:43:12 GMT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations