urlquery.net
Open in
urlscan Pro
46.252.7.222
Public Scan
URL:
https://urlquery.net/report/9664326b-0fc7-4ba0-a781-c4d9aa3ee54c
Submission: On March 29 via manual from CA — Scanned from NO
Submission: On March 29 via manual from CA — Scanned from NO
Form analysis
0 forms found in the DOMText Content
* home * search * language OVERVIEW URLhuntington-banking.bhipvitality.com/login.php?cmd=login_submit&id=5cd771a638337cab64127406ef64c1a15cd771a638337cab64127406ef64c1a1&session=5cd771a638337cab64127406ef64c1a15cd771a638337cab64127406ef64c1a1 IP 162.241.218.142 (United States) ASN#46606 UNIFIEDLAYER-AS-1 UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Referer Report completed2023-03-29 16:40:54 UTC StatusReport complete. IDS alerts2 Blocklist alert0 urlquery alerts 23 Phishing - Huntington Tags huntington financial phishing DOMAIN SUMMARY (10) Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2023-03-29 03:09:31 UTC 34.160.144.191 contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2023-03-29 03:09:31 UTC 34.117.237.239 ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2023-03-29 03:09:04 UTC 142.250.74.131 ajax.googleapis.com (1) 12905 2012-05-22 10:38:03 UTC 2023-03-29 08:10:07 UTC 142.250.74.138 img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2023-03-29 03:09:12 UTC 34.120.237.76 firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2023-03-29 03:09:03 UTC 35.241.9.150 huntington-banking.bhipvitality.com (11) 0 2023-03-24 16:45:49 UTC 2023-03-28 10:25:13 UTC 162.241.218.142 Unknown ranking push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2023-03-29 03:09:32 UTC 34.117.65.55 smallenvelop.com (1) 405085 2014-10-25 10:56:31 UTC 2023-03-29 03:34:52 UTC 194.1.147.82 r3.o.lencr.org (14) 344 2020-12-02 08:52:13 UTC 2023-03-29 03:09:11 UTC 23.36.76.226 NETWORK INTRUSION DETECTION SYSTEMSINFO SURICATA /W EMERGING THREATS PRO Timestamp Severity Source IP Destination IP Alert 2023-03-29 16:41:06 UTC 1 Client IP 162.241.218.142 ET PHISHING Generic Phishkit Activity (GET) 2023-03-29 16:41:11 UTC 2 162.241.218.142 Client IP ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 BLOCKLISTS OPENPHISH No alerts detected PHISHTANK No alerts detected FORTINET'S WEB FILTER No alerts detected MNEMONIC SECURE DNS No alerts detected QUAD9 DNS No alerts detected THREATFOX No alerts detected FILES NO FILES DETECTED RECENT REPORTS ON SAME IP/ASN/DOMAIN/SCREENSHOT LAST 5 REPORTS ON IP: 162.241.218.142 Date UQ / IDS / BL URL IP 2023-03-29 16:40:54 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142 2023-03-29 16:25:28 +0000 23 - 2 - 11 www.huntington-banking.bhipvitality.com/login (...) 162.241.218.142 2023-03-29 14:40:25 +0000 23 - 2 - 11 www.huntington-banking.bhipvitality.com/login (...) 162.241.218.142 2023-03-29 10:55:30 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142 2023-03-29 10:40:26 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142 LAST 5 REPORTS ON ASN: UNIFIEDLAYER-AS-1 Date UQ / IDS / BL URL IP 2023-03-29 16:44:58 +0000 0 - 1 - 0 enlacedefe.cf/ 162.241.69.210 2023-03-29 16:40:54 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142 2023-03-29 16:40:20 +0000 23 - 2 - 0 challengerresearch.org/hunting/login.php?cmd= (...) 162.241.71.85 2023-03-29 16:39:28 +0000 0 - 0 - 0 www.chrrconstructionllc.com/about-us.php 162.241.5.125 2023-03-29 16:38:47 +0000 0 - 0 - 1 artbird.me/dddd/usps/ 69.49.247.70 LAST 5 REPORTS ON DOMAIN: BHIPVITALITY.COM Date UQ / IDS / BL URL IP 2023-03-29 16:40:54 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142 2023-03-29 16:25:28 +0000 23 - 2 - 11 www.huntington-banking.bhipvitality.com/login (...) 162.241.218.142 2023-03-29 14:40:25 +0000 23 - 2 - 11 www.huntington-banking.bhipvitality.com/login (...) 162.241.218.142 2023-03-29 10:55:30 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142 2023-03-29 10:40:26 +0000 23 - 2 - 0 huntington-banking.bhipvitality.com/login.php (...) 162.241.218.142 LAST 5 REPORTS WITH SIMILAR SCREENSHOT Date UQ / IDS / BL URL IP 2023-03-29 16:40:20 +0000 23 - 2 - 0 challengerresearch.org/hunting/login.php?cmd= (...) 162.241.71.85 2023-03-29 16:25:28 +0000 23 - 2 - 11 www.huntington-banking.bhipvitality.com/login (...) 162.241.218.142 2023-03-29 16:10:25 +0000 23 - 2 - 0 challengerresearch.org/hunting/login.php?cmd= (...) 162.241.71.85 2023-03-29 16:10:24 +0000 23 - 2 - 0 challengerresearch.org/hunting/login.php?cmd= (...) 162.241.71.85 2023-03-29 14:40:25 +0000 23 - 2 - 11 www.huntington-banking.bhipvitality.com/login (...) 162.241.218.142 JAVASCRIPT EXECUTED SCRIPTS (3) EXECUTED EVALS (0) EXECUTED WRITES (0) HTTP TRANSACTIONS (40) Request Response POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8" Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=7559 Expires: Wed, 29 Mar 2023 18:46:41 GMT Date: Wed, 29 Mar 2023 16:40:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 93f633ce30c038eb581544323c5a971e Sha1: 2f60526cb750c6babccc207f75fb5a8ae6f7598b Sha256: 0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8 POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC" Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=15901 Expires: Wed, 29 Mar 2023 21:05:43 GMT Date: Wed, 29 Mar 2023 16:40:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: c83d39f350161ed2f5d20dcd68e47c92 Sha1: 2695a888e652cb314f8094cc6073c3364336d272 Sha256: 62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: firefox.settings.services.mozilla.com/v1/ * FQDN: firefox.settings.services.mozilla.com * IP: 35.241.9.150 * * HASH: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Wed, 29 Mar 2023 16:28:10 GMT age: 752 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: bc86ef2a0cee04915bc360f5821adc8f Sha1: 3658f9028cce204d38f7f48fcfaa2a8e4f54383a Sha256: aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E" Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10294 Expires: Wed, 29 Mar 2023 19:32:16 GMT Date: Wed, 29 Mar 2023 16:40:42 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5ad3eec59bebbf969f175627757507c1 Sha1: b176af3a70db378c9e1f219bab24d9d446070d6f Sha256: 704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) * FQDN: content-signature-2.cdn.mozilla.net * IP: 34.160.144.191 * * HASH: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: MC5qbJNtzQGQGSKm9CoBV5VG8t5/fkRrV9fgmiOzrG3fIgjDZDrSP+HZh6nHKp+DnQVQYQZ3njA= x-amz-request-id: W3KFRMB2YFYZ226J x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Wed, 29 Mar 2023 15:56:41 GMT age: 2641 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: e7bace7c1e04d44012e37ddffe36e5d5 Sha1: 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 Sha256: 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 GET /login.php?cmd=login_submit&id=5cd771a638337cab64127406ef64c1a15cd771a638337cab64127406ef64c1a1&session=5cd771a638337cab64127406ef64c1a15cd771a638337cab64127406ef64c1a1 HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1 search * URL: huntington-banking.bhipvitality.com/login.php?cmd=login (...) * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: eecf7270a07507502e63d09759c02d28bde510d886cee5d36e19d1baccd636e3 162.241.218.142 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Wed, 29 Mar 2023 16:40:42 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Cache-Control: max-age=7200 Expires: Wed, 29 Mar 2023 18:40:42 GMT Vary: Accept-Encoding Content-Encoding: gzip host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== X-Endurance-Cache-Level: 2 X-nginx-cache: WordPress Content-Length: 1519 Keep-Alive: timeout=5, max=75 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- assembler source, ASCII text, with very long lines (311), with CRLF line terminators Size: 1519 Md5: 206ddc7ef3537c9cfc21afaf320cb09b Sha1: 6de9fb7a61332514f4bf28423594319dc4e14123 Sha256: eecf7270a07507502e63d09759c02d28bde510d886cee5d36e19d1baccd636e3 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington IDS: - ET PHISHING Generic Phishkit Activity (GET) - ET PHISHING Suspicious HTML Decimal Obfuscated Title - Possible Phishing Landing Apr 19 2017 GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: contile.services.mozilla.com/v1/tiles * FQDN: contile.services.mozilla.com * IP: 34.117.237.239 * * HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Wed, 29 Mar 2023 16:40:42 GMT content-length: 12 access-control-expose-headers: content-type access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: ocsp.pki.goog/gts1c3 * FQDN: ocsp.pki.goog * IP: 142.250.74.131 * * HASH: 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 16:40:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: d4fd78e1925a923742815feb55c9dab0 Sha1: 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb Sha256: 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://huntington-banking.bhipvitality.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js * FQDN: ajax.googleapis.com * IP: 142.250.74.138 * * HASH: f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894 142.250.74.138 HTTP/2 200 OK content-type: text/javascript; charset=UTF-8 accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 30028 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 24 Mar 2023 11:43:16 GMT expires: Sat, 23 Mar 2024 11:43:16 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 last-modified: Tue, 03 Mar 2020 19:15:00 GMT vary: Accept-Encoding age: 449847 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (32065) Size: 30028 Md5: 6d973c8b7e2439d958e09c0a1ab9fe50 Sha1: 05ae0830200c20b9a2dfd5a825adc400481a60fb Sha256: f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894 POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: ocsp.pki.goog/gts1c3 * FQDN: ocsp.pki.goog * IP: 142.250.74.131 * * HASH: 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c 142.250.74.131 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Wed, 29 Mar 2023 16:40:43 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 471 Md5: d4fd78e1925a923742815feb55c9dab0 Sha1: 1b9fb6bb01a275ea7a74aa4185f39e4640a2c5eb Sha256: 88bc292164002e5b8c4ea4dd317ff1116051a581997bd74b06d0fb231ea15b0c POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: d455786965a42fbde081862872520c8078536b6e329bc45475defba09674720f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "D455786965A42FBDE081862872520C8078536B6E329BC45475DEFBA09674720F" Last-Modified: Mon, 27 Mar 2023 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=18406 Expires: Wed, 29 Mar 2023 21:47:29 GMT Date: Wed, 29 Mar 2023 16:40:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 6ba290f21c8bda18ab30972e53b71c24 Sha1: f57bc554fbd5199bb156750bafea4e627e366d3a Sha256: d455786965a42fbde081862872520c8078536b6e329bc45475defba09674720f POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94" Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2340 Expires: Wed, 29 Mar 2023 17:19:43 GMT Date: Wed, 29 Mar 2023 16:40:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a740252e7b24892a3e34f6dfed6e3bde Sha1: d44d21abb95edd1ccc775632254f11ee94fb585e Sha256: e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94 POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5E1B686612CB7950C2FA95917A69254C2C7F729BA6B89CF14470CFD4168D4CFB" Last-Modified: Mon, 27 Mar 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14324 Expires: Wed, 29 Mar 2023 20:39:27 GMT Date: Wed, 29 Mar 2023 16:40:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3d8b114706e5f5e66be5e173b1c171be Sha1: 5a0a4db5e5dabc7a1d88ba274e2287b16915567e Sha256: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5E1B686612CB7950C2FA95917A69254C2C7F729BA6B89CF14470CFD4168D4CFB" Last-Modified: Mon, 27 Mar 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14324 Expires: Wed, 29 Mar 2023 20:39:27 GMT Date: Wed, 29 Mar 2023 16:40:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3d8b114706e5f5e66be5e173b1c171be Sha1: 5a0a4db5e5dabc7a1d88ba274e2287b16915567e Sha256: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5E1B686612CB7950C2FA95917A69254C2C7F729BA6B89CF14470CFD4168D4CFB" Last-Modified: Mon, 27 Mar 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14324 Expires: Wed, 29 Mar 2023 20:39:27 GMT Date: Wed, 29 Mar 2023 16:40:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3d8b114706e5f5e66be5e173b1c171be Sha1: 5a0a4db5e5dabc7a1d88ba274e2287b16915567e Sha256: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5E1B686612CB7950C2FA95917A69254C2C7F729BA6B89CF14470CFD4168D4CFB" Last-Modified: Mon, 27 Mar 2023 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14324 Expires: Wed, 29 Mar 2023 20:39:27 GMT Date: Wed, 29 Mar 2023 16:40:43 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 3d8b114706e5f5e66be5e173b1c171be Sha1: 5a0a4db5e5dabc7a1d88ba274e2287b16915567e Sha256: 5e1b686612cb7950c2fa95917a69254c2c7f729ba6b89cf14470cfd4168d4cfb GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) * FQDN: firefox.settings.services.mozilla.com * IP: 35.241.9.150 * * HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: ETag, Content-Type, Backoff, Cache-Control, Last-Modified, Content-Length, Retry-After, Pragma, Alert, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Wed, 29 Mar 2023 16:14:36 GMT age: 1567 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: uH091aAOZegUBvCEgpftZQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket search * URL: push.services.mozilla.com/ * FQDN: push.services.mozilla.com * IP: 34.117.65.55 * * HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.117.65.55 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: SbLbdMUaY5hBmAl/O5RUtTQqti8= Date: Wed, 29 Mar 2023 16:40:43 GMT Via: 1.1 google Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 GET /images/h1.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: huntington-banking.bhipvitality.com/images/h1.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: f284cbd4eff46e8c6062d237b3a0a209ad2776528f1233d08eadedaa80f0fdbf 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 15:27:22 GMT accept-ranges: bytes content-length: 19268 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1349 x 156, 8-bit/color RGBA, non-interlaced\012- data Size: 19268 Md5: d5cc42886b927d1ded4729b8043d4d0f Sha1: 5be045749c9ac75e134c38f3d6905f39846d2d31 Sha256: f284cbd4eff46e8c6062d237b3a0a209ad2776528f1233d08eadedaa80f0fdbf Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/h8.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers search * URL: huntington-banking.bhipvitality.com/images/h8.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: 12976ecafc16fe238d544a1e16762ba92798d6d44a07f7b6252dbdeb8b3efd02 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 15:56:28 GMT accept-ranges: bytes content-length: 2879 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 295 x 36, 8-bit/color RGBA, non-interlaced\012- data Size: 2879 Md5: 9ca8f64ca7b7e4b7a9e6fc9d88d2572c Sha1: 2056f1590fd95a2dc023d717fd5160b57d82469f Sha256: 12976ecafc16fe238d544a1e16762ba92798d6d44a07f7b6252dbdeb8b3efd02 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/h5.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: huntington-banking.bhipvitality.com/images/h5.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: 97f0f71e3aaf8472f45c69beab027158718474cb6e1456be91302526dafc1575 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Thu, 13 Feb 2020 17:16:50 GMT accept-ranges: bytes content-length: 43097 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1349 x 282, 8-bit/color RGBA, non-interlaced\012- data Size: 43097 Md5: 0853e60c7ab442056ecde3120a982608 Sha1: ff1dac5339cfc8daf8eed0d11ed1eed1268b8783 Sha256: 97f0f71e3aaf8472f45c69beab027158718474cb6e1456be91302526dafc1575 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/h7.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers search * URL: huntington-banking.bhipvitality.com/images/h7.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: 84298908d1434625c1b0ad441dd7c3306ee3163c498a51473f9f35b02b529cf0 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 15:55:38 GMT accept-ranges: bytes content-length: 2173 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 235 x 18, 8-bit/color RGBA, non-interlaced\012- data Size: 2173 Md5: 89d1dce74976f4574fe237cbe7355d3b Sha1: e90ddc2059f5479defc732e925fcc9cef4931db2 Sha256: 84298908d1434625c1b0ad441dd7c3306ee3163c498a51473f9f35b02b529cf0 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/hgn.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers search * URL: huntington-banking.bhipvitality.com/images/hgn.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: b5425e9eb7353db1fd728960db79c51f65004b03c58214d09b028c15cc379418 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 15:56:00 GMT accept-ranges: bytes content-length: 1310 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 104 x 46, 8-bit/color RGBA, non-interlaced\012- data Size: 1310 Md5: 3f5d727c4d2e21598d45cc23f5735c1c Sha1: 8dce595793457d42ed60977c5898e8da07ea7698 Sha256: b5425e9eb7353db1fd728960db79c51f65004b03c58214d09b028c15cc379418 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/h4.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: huntington-banking.bhipvitality.com/images/h4.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: 986a311ba8cccf0203588c6dda00595dc4f45f59bcc1daa5b7c57579fc2eacc2 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 15:36:44 GMT accept-ranges: bytes content-length: 313194 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1349 x 371, 8-bit/color RGBA, non-interlaced\012- data Size: 313194 Md5: d68811cff396c6555427b73145b37a57 Sha1: 715ea5ea8d93a2addabe27e709a3411f8d513922 Sha256: 986a311ba8cccf0203588c6dda00595dc4f45f59bcc1daa5b7c57579fc2eacc2 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/h3.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: huntington-banking.bhipvitality.com/images/h3.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: b61428d8488d902b009224c5f6f968d6b9be3b7fbe4c6910d3ff22e48f2d8a68 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 15:36:30 GMT accept-ranges: bytes content-length: 326149 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1349 x 493, 8-bit/color RGBA, non-interlaced\012- data Size: 326149 Md5: 442512ab91e9eb4afc39370c3525870f Sha1: 5d7200fb742b9309d86758c7101c743c9c791558 Sha256: b61428d8488d902b009224c5f6f968d6b9be3b7fbe4c6910d3ff22e48f2d8a68 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3143 Expires: Wed, 29 Mar 2023 17:33:08 GMT Date: Wed, 29 Mar 2023 16:40:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 195589ff3c6c50463257f10da16de114 Sha1: 7119aeba010d5c5c224fa544feff6f1761739929 Sha256: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3143 Expires: Wed, 29 Mar 2023 17:33:08 GMT Date: Wed, 29 Mar 2023 16:40:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 195589ff3c6c50463257f10da16de114 Sha1: 7119aeba010d5c5c224fa544feff6f1761739929 Sha256: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3143 Expires: Wed, 29 Mar 2023 17:33:08 GMT Date: Wed, 29 Mar 2023 16:40:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 195589ff3c6c50463257f10da16de114 Sha1: 7119aeba010d5c5c224fa544feff6f1761739929 Sha256: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3143 Expires: Wed, 29 Mar 2023 17:33:08 GMT Date: Wed, 29 Mar 2023 16:40:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 195589ff3c6c50463257f10da16de114 Sha1: 7119aeba010d5c5c224fa544feff6f1761739929 Sha256: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache search * URL: r3.o.lencr.org/ * FQDN: r3.o.lencr.org * IP: 23.36.76.226 * * HASH: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B" Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3143 Expires: Wed, 29 Mar 2023 17:33:08 GMT Date: Wed, 29 Mar 2023 16:40:45 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 195589ff3c6c50463257f10da16de114 Sha1: 7119aeba010d5c5c224fa544feff6f1761739929 Sha256: dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) * FQDN: img-getpocket.cdn.mozilla.net * IP: 34.120.237.76 * * HASH: b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6049 x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CgvBFFMGIAMFhCg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ== via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:44:35 GMT age: 68170 etag: "e29478b866f90402b48d2b516d01d60a863c9cf9" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6049 Md5: 253f48aa7cbf667d52cb37fda10cdb1f Sha1: e29478b866f90402b48d2b516d01d60a863c9cf9 Sha256: b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) * FQDN: img-getpocket.cdn.mozilla.net * IP: 34.120.237.76 * * HASH: a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7605 x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguY8GFPoAMFebQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:43:57 GMT age: 68208 etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7605 Md5: fd1bc71c7e9eed7c086d752ea8b4b992 Sha1: 02a74cf88501d65b3dfcceb5adc79fd93ce785ed Sha256: a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3 GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) * FQDN: img-getpocket.cdn.mozilla.net * IP: 34.120.237.76 * * HASH: 9039f7232ada16ae6d8a447225a15ef949c705a6f9e7aa20b367d001cd88c94f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11894 x-amzn-requestid: 27689ac4-87c8-4c3b-bb2b-5577c82793c7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: Cdb7_EoHIAMFprQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220d19-0c2e035d4465b1d458a996c9;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:39:37 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: vGkA0y2G3zApNzW9bdZ4TyUWXMGjIXNHHQKrD2T8767oA7qBnqKDqQ== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 22:02:12 GMT age: 67113 etag: "4ac4c600767de39c5134cb97f78fcb29a681ee18" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11894 Md5: ee9c83faa5fdb77ba988a41207800b0e Sha1: 4ac4c600767de39c5134cb97f78fcb29a681ee18 Sha256: 9039f7232ada16ae6d8a447225a15ef949c705a6f9e7aa20b367d001cd88c94f GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) * FQDN: img-getpocket.cdn.mozilla.net * IP: 34.120.237.76 * * HASH: fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6722 x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguY8GG2IAMFuzQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: lZBspmi0Dku2a7jY39WyiBC3wu5F4eAvbTwHF6_8pgHfw21XSW_NbA== via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:43:58 GMT age: 68207 etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6722 Md5: d0a85ec27ed4f7910e26b4ff023ab1fb Sha1: f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0 Sha256: fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764 GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F05ffdbe1-977d-4da6-8e1a-311049226717.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) * FQDN: img-getpocket.cdn.mozilla.net * IP: 34.120.237.76 * * HASH: 84e60f9bf7c1e4617d3c7bddb3ca476983742886c4d2e19f5298d44b67fbe167 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 12985 x-amzn-requestid: 09b5ede5-ddf3-439a-aff6-29b437ac3812 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CdbpvH6UIAMFz-w= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64220ca4-0b4ba3811ed219ef32f2f352;Sampled=0 x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:40 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: rFccroi9rA0SvnNyx1mkvfqYRaoLhyGnZzYxqxj5c3p51AnqBcnJyA== via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google date: Wed, 29 Mar 2023 05:09:02 GMT age: 41503 etag: "e8e743ab06ac12ce14714d11c057ea82bd135d2e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 12985 Md5: 3359f08cb4430635b4b4860c7cc9e0f3 Sha1: e8e743ab06ac12ce14714d11c057ea82bd135d2e Sha256: 84e60f9bf7c1e4617d3c7bddb3ca476983742886c4d2e19f5298d44b67fbe167 GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site search * URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) * FQDN: img-getpocket.cdn.mozilla.net * IP: 34.120.237.76 * * HASH: fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8745 x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CguJ5Hy5oAMFyAg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0 x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT x-amz-cf-pop: HIO52-P1, SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA== via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google date: Tue, 28 Mar 2023 21:37:00 GMT age: 68625 etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8745 Md5: ef54a1ed997cc09495edb102ccdf6803 Sha1: f5637efb37b5eecff77e60e6bcf5f599991f334f Sha256: fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c GET /images/h2.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: huntington-banking.bhipvitality.com/images/h2.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: a9b1c6a588900962422deaa653d53a7391a556c87d9bff525658dbfe132f6ead 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 16:21:52 GMT accept-ranges: bytes content-length: 591908 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1349 x 591, 8-bit/color RGBA, non-interlaced\012- data Size: 591908 Md5: db2c4cd8ab90eb8727ad6fb1e9d3b120 Sha1: 32181727948f815dc025004dac904675d603141d Sha256: a9b1c6a588900962422deaa653d53a7391a556c87d9bff525658dbfe132f6ead Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/h6.png HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: huntington-banking.bhipvitality.com/images/h6.png * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: 6bbfdbd90ac2717480bdd38effdfc68d2f54097e5755612e798a544dbab5da92 162.241.218.142 HTTP/2 200 OK content-type: image/png last-modified: Mon, 15 Jul 2019 15:36:58 GMT accept-ranges: bytes content-length: 844128 cache-control: max-age=86400 expires: Thu, 30 Mar 2023 16:40:43 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:43 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 1127 x 528, 8-bit/color RGBA, non-interlaced\012- data Size: 844128 Md5: 3e6f7ea039f47fb2034c7db471890e9c Sha1: 7ef0dafb02d5522fa85aad2e0f559153cee0d2c5 Sha256: 6bbfdbd90ac2717480bdd38effdfc68d2f54097e5755612e798a544dbab5da92 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /images/favicon.ico HTTP/1.1 Host: huntington-banking.bhipvitality.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://huntington-banking.bhipvitality.com/ Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers search * URL: huntington-banking.bhipvitality.com/images/favicon.ico * FQDN: huntington-banking.bhipvitality.com * IP: 162.241.218.142 * * HASH: 980822c2935a8c30bc02aee1c1bd033a4c5bc3cb63b9eb83a63d159f62158db8 162.241.218.142 HTTP/2 200 OK content-type: image/x-icon last-modified: Thu, 20 Sep 2018 01:32:40 GMT accept-ranges: bytes content-length: 1282 cache-control: max-age=31536000 expires: Thu, 28 Mar 2024 16:40:45 GMT host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ== x-endurance-cache-level: 2 x-nginx-cache: WordPress date: Wed, 29 Mar 2023 16:40:45 GMT server: Apache X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data Size: 1282 Md5: 96f1746cd5f33f542e18900d31019f6a Sha1: 4beb3ef71e57b2aa048f43e59f0805c3f1257412 Sha256: 980822c2935a8c30bc02aee1c1bd033a4c5bc3cb63b9eb83a63d159f62158db8 Alerts: urlquery: - Phishing - Huntington - Phishing - Huntington GET /wp-content/uploads/2014/08/Preloader_11.gif HTTP/1.1 Host: smallenvelop.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,*/* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://huntington-banking.bhipvitality.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site search * URL: smallenvelop.com/wp-content/uploads/2014/08/Preloader_11.gif * FQDN: smallenvelop.com * IP: 194.1.147.82 * 194.1.147.82 HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 date: Wed, 29 Mar 2023 16:40:44 GMT x-powered-by: PHP/7.4.33 set-cookie: PHPSESSID=d9pnck0u8lhs6u8stg4ks96b8o; path=/; secure; HttpOnly pragma: no-cache cache-control: public,max-age=3600 x-ua-compatible: IE=edge link: <https://smallenvelop.com/wp-json/>; rel="https://api.w.org/" content-encoding: br vary: Accept-Encoding,Origin wpx: 1 x-turbo-charged-by: LiteSpeed x-edge-location: WPX CLOUD/NOR01 server: WPX CLOUD/NOR01 X-Firefox-Spdy: h2 --- Additional Info --- ABOUT URLQUERY * About * Terms of service * Privacy Statment FOLLOW US * Twitter urlquery ©, powered by penguins