Report - rcu6.com/email-account.php

Report Overview

Submitted URL
rcu6.com/email-account.php
IP
45.133.200.3
ASN
#200313 WEB_GroupInternet INC
Submitted
2022-12-07 13:03:17
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Huntington

Detections

urlquery
33
Network Intrusion Detection
0
Threat Detection Systems
158

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
cdn.clinch.co	7154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	5.3 kB	95.101.10.90
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	48 kB	142.250.74.40
s.yimg.com	375	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	6.9 kB	188.125.94.206
fls.doubleclick.net	436	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	635 B	142.250.74.166
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	591 B	919 B	212.82.100.181
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	573 B	867 B	216.58.207.226
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	95.101.11.115
players.brightcove.net	3805	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	113 kB	2.18.173.25
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	3.0 kB	142.250.74.132
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	29 kB	157.240.247.8
ensighten.huntingtonbank.com	91425	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	39 kB	52.51.219.145
huntingtonbank.inq.com	92998	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	792 B	5.3 kB	52.177.241.160
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	667 B	349 B	31.13.72.36
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	58 kB	34.120.237.76
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.23
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	5.5 kB	93.184.220.29
f1.media.brightcove.com	21505	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	478 B	52 kB	151.101.194.27
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	3.0 kB	142.250.74.67
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	566 B	1.1 kB	142.250.74.162
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
2782440.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	895 B	142.250.74.38
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	456 B	824 B	13.107.42.14
trk.clinch.co	5423	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.2 kB	34.203.147.81
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.38.240
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	9.8 kB	142.250.74.131
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	942 B	937 B	143.204.55.61
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	7.4 kB	142.250.74.34
mef957.dynatrace-managed.com	107553	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	334 B	100.24.162.178
media-lax1.inq.com	41901	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	402 B	35.186.193.174
rcu6.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	26 kB	1.6 MB	45.133.200.3
www.huntington.com	56151	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	539 kB	23.72.139.51
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	292 B	4.9 kB	95.101.11.57

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	rcu6.com/email-account.php	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (51)

	URL	Size	First Seen	Last Seen
	rcu6.com/index_files/dest5.html	6.7 kB	2023-03-07	2024-03-23
Pretty URL rcu6.com/index_files/dest5.html IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c	138 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 6112575bd5ecbd7c0744464793141cf8 3bf1f00b3ce996e9eebdd71c4e3d1af2ee94a649 d51f045c62a4414db4e8270ec526b53bb649ea2c31757c7ff4c2cd6d1f1df7cd Loading...

	rcu6.com/index_files/jquery-3.4.1.min.js.download	88 kB	2023-03-07	2024-04-20
Pretty URL rcu6.com/index_files/jquery-3.4.1.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-20 02:23:56 Times Seen95067 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download	164 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen5 Hash f8d69b81ffcc4002ad5144c582a9214e a42d2e7aa00a9c483a053f8a46aee75a8e055463 717d421a546684bb53dd5fc86bc27f22ad9d888f8f47239536c01f2b825dc6a7 Loading...

	rcu6.com/index_files/chat-fab.js.download	20 kB	2023-03-07	2024-04-06
Pretty URL rcu6.com/index_files/chat-fab.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2024-04-06 05:55:00 Times Seen247 Hash 2fb85e01b38ec473bd67a3ec442d9486 c3c6b95da9c8242f31cd0f3eb1399ca789f47ff7 bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e Loading...

	rcu6.com/index_files/oo_engine.min.js.download	46 kB	2023-03-07	2024-04-08
Pretty URL rcu6.com/index_files/oo_engine.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen402 Hash 3023bde795e4926691e3691ace0d9356 053c86b53ec7bca624cffc3f6321697d35a1c5d5 1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-12
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 95.101.11.57 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:40 Last Seen2023-03-12 12:54:15 Times Seen1 Hash 795b6295a518e0a829d7b29695163231 9cada4433e63280a008cbb0a2a0bdb5af5e57206 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c Loading...

	rcu6.com/email-account.php	146 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/email-account.php IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen14 Hash 4a7e15e261408d827197577b1747386e 1480fff1e160c567a9e06c781428cdd108916af9 38e339b1ebb43ce74fc52054456dacd2e38249d4d263aa60bb8ff854699c9b52 Loading...

	players.brightcove.net/1317241590001/default_default/index.min.js	445 kB	2023-03-07	2023-11-11
Pretty URL players.brightcove.net/1317241590001/default_default/index.min.js IP 2.18.173.25 ASN #16625 AKAMAI-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:53:47 Last Seen2023-11-11 14:02:56 Times Seen4 Hash b2162ab045a95623ebee0ea695addf2c ceea87d24189ab4c8b70b9bc92a0dc0fc10cfadb dc434032874bbbd88aff4d1228b9d0d2d9660cd54e8e8b11a61807f8d9884bc0 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418188234&cv=11&fst=1670418188234&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418188234&cv=11&fst=1670418188234&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 4e09ac77250962e2370e7eed65d307dc 12f6c55aa90003be12047b274c946107c569f290 3296bdb64e775576fec77865d278c9c5ebc915ce38b58806371e80bf6f3bb5e5 Loading...

	rcu6.com/index_files/site_10006663_default.js.download	47 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/site_10006663_default.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen9 Hash bca24f1cd01f6281d6996ab7b9ccdfbe a08946199e8080b84a5f204323687a93cb416ee1 fe650baa63a09a5aa5b59475f20f6efd77aa359947779e5ec6f9ea9a3f0d4b3a Loading...

	ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774	145 kB	2023-03-08	2023-09-14
Pretty URL ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 IP 52.51.219.145 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:59 Times Seen150 Hash 5828bc2a2ceaa2961527eedaf4167b77 166d54624e012273fa58054d82c8148435c6f51f d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28 Loading...

	www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c	183 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash d0143b83e3ac4dafd687dc22bb09ec90 79768046a252708fc4638ac3c2e7f6e297ec2d95 65f3c5e32920e200b75530f4e02b5f6983d275eee8444e6d7aa4a9d99adf77f2 Loading...

	rcu6.com/index_files/ytc.js.download	14 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/ytc.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen5 Hash 262ad28777cd04301eaf1ed832269103 011e8f00197647efcc835622a0b327e6e7b07b07 5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582 Loading...

	rcu6.com/index_files/bat.js.download	25 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/bat.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen5 Hash ad2da5f478b3ca25fc283c8039946a04 9dabae74978709f503e77ef81fbc8cfd367b8f25 079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3 Loading...

	rcu6.com/index_files/vtt.global.min.js.download	21 kB	2023-03-07	2024-03-21
Pretty URL rcu6.com/index_files/vtt.global.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-03-21 22:59:09 Times Seen552 Hash f30dac97e5c2aaa10a7695b93cc66699 50c71ce19b49160495729339b0f15246120864b6 aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d Loading...

	rcu6.com/index_files/ads-blocking-detector.js.download	6.9 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/ads-blocking-detector.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen9 Hash c0fb71d6f96440d1598b1f107a3d3317 0250d4eb5724b38ecb8f16e5ea571cce6b192b04 4b77972fc8b4afea3b15a7fe4fed727fc80a5253ff8b04ec09082e2f6e5248e5 Loading...

	media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020	995 kB	2023-03-07	2023-03-14
Pretty URL media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020 IP 35.186.193.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-03-14 12:59:02 Times Seen1 Hash f8cc5943bc579ac1ae0450640646dd23 85260ec2515e77f1ed2638ec92013c1fb2e551d7 78916d3ad4fa6ee9caa53b747b43715fbc17836bfcede24ad62fc33b0b36f5ef Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.247.8 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c	183 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 1190371d53217458de0de50f338021f9 d7123a06429bb0c604951a3bb106f66e6cecb5c4 049d8ae3fb231f990377946520e1e59cc2a8ed33350952ecfbd6e5afe3dba39f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418188253&cv=11&fst=1670418188253&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418188253&cv=11&fst=1670418188253&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 8210cddadb1fbe42397cac8029a2a397 d1d566cbc0a74669578eaaab584ea778301d73ce 0a041ef2af57f33d844a785da0291954940b762a671a786be833aadab04c9fe1 Loading...

	rcu6.com/index_files/insight.min.js.download	3.6 kB	2023-03-08	2024-04-04
Pretty URL rcu6.com/index_files/insight.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2024-04-04 05:53:28 Times Seen29 Hash b51baa8e9e038597c2cbf9049c3270c6 10d9ab6b0c3fdb3fba54fa31ad200d8423366d1b 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Loading...

	rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download	131 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-11-11 14:02:56 Times Seen5 Hash 3816175f699c173db124bfac88c03e79 7f047ce4d00051ac09a9541751ea2a987be10c35 c4903955d0c09bf6f21be1870c3bf07b95b3d8fac208f7d363af0c18cd881fed Loading...

	rcu6.com/email-account.php	962 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/email-account.php IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen14 Hash 77d0938da96815782fe5ea7b037129d3 0798a7f4f0ab7c834499c69fcddc6e1ffc9d6637 97ac02eff2faf4bbfcfd9bc16f4f3b1c5836df34babfb45aef33a7a7bec8d177 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418188280&cv=11&fst=1670418188280&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418188280&cv=11&fst=1670418188280&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash ef9f4fd5c8089750055ae6d34ac2c06c 7af9e4485159ae6fc18336131190afb9ac80ffd1 0fde732a5c615d5945cfc49fda2b3e7d0639290a0164543f9167b4e11c05d327 Loading...

	cdn.clinch.co/a_js/client_pixels/clq/script.min.js	15 kB	2023-03-08	2023-09-14
Pretty URL cdn.clinch.co/a_js/client_pixels/clq/script.min.js IP 95.101.10.90 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:58 Times Seen111 Hash c12dd0f8c53c6d8f8a5c845a2f892307 5e880be41d047f1b7754e93e8a44347d28482702 b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 188.125.94.206 ASN #10310 YAHOO-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 05:10:03 Times Seen36969723 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	rcu6.com/index_files/outdated.min.js.download	1.1 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/outdated.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen5 Hash c4ad5eca721cb2b662e55dc580893018 ed014d7db09aa41b8ff65728557436519e3a8aed 680fdb61543dbbef02c4f988dcf5c5960fc9506f5cb1a3097737a2f0ea980e32 Loading...

	rcu6.com/index_files/tcFramework.min.js.download	537 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/tcFramework.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen8 Hash dcb2a9d7c24522e9d82d018e7649f10c 5f2a33d0ace4d7231a7390e3070b4304796a5efb d6ce17127f0cc7ac0308fb593076997b7ab2cfe1c8bf4ab6f871ff3d15ce7c7e Loading...

	rcu6.com/index_files/postToServer.min.html	21 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/postToServer.min.html IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:54 Times Seen4 Hash c085cf73585c899d85a8653134613840 009b32136dac55f29f950cbae540a73d0ba4bf97 e5127d3ed0290f036795e20be1aa49369c0875d4b869f59573a4c20687cd17d7 Loading...

	huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js	5.1 kB	2023-03-08	2023-03-09
Pretty URL huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js IP 52.177.241.160 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-09 02:16:59 Times Seen1 Hash 609fbd6bc0fe3ebbbdb1ce590758d2d3 b731b656d04768b94532edaf1dc67038a3fa583e da65d01dbbfda64a874f36dcc9c6ac3e1a053a21abe17aa0570c74367d615338 Loading...

	www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c	139 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 3bc871e85d7db50959485e07a4925ec5 67a0f268202b64b43d916608cf4a78bb3027164f 2d53128db2d1dd92a828cb8519aaf0bfaf6bc823ff94f8ba4ade627f91a8a8d6 Loading...

	rcu6.com/index_files/inqChatLaunch10006663.js.download	23 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/inqChatLaunch10006663.js.download IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen13 Hash fc28fe7671857c8fc6af5c725b6efa65 2602647796aa238b5a5f145e0f6892c2bad94e84 86598506c865db230133e34b3dc2d011e7877925d0a0b91389cddc518a166828 Loading...

	rcu6.com/email-account.php	33 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/email-account.php IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen15 Hash e5e346b7bab3e6cbcc9cec9c13bc5265 2ca39bf886a2e43e3a0f359e23d30e6b455a0cbf e9a021db128b1e1ebe14644b30f6aeed04690a07b3c1fc363871cbceaf3ce53d Loading...

	ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.1324820642312352&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2Femail-account.php	317 B	2023-03-08	2023-03-08
Pretty URL ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.1324820642312352&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2Femail-account.php IP 52.51.219.145 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 68d3481bdd449605bb601ecec141396b e078b55b5b86e7f634a695cfaa618d0b5f0dbcee 332d986656b7b0001a6d04c5e8ce443f2387e572ca993553bd035afde19c5e2d Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418188296&cv=11&fst=1670418188296&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418188296&cv=11&fst=1670418188296&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash d92ca9540da6de248978c7b3c39d9596 278f21d8254f964524209571701e555f1ec49555 2a03f851c54c7c78f247de8e76626065ccd63c95a27e28b0977a082f7b8a4abf Loading...

	rcu6.com/index_files/site-survey.min.js.download	7.5 kB	2023-03-07	2024-04-08
Pretty URL rcu6.com/index_files/site-survey.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen286 Hash 374ca92abaa98bc7b2f19fe64114a18b 4c0a1441026a9337d322d7ae5536df1427e5c140 7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806 Loading...

	huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js	7.6 kB	2023-03-07	2023-04-13
Pretty URL huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js IP 52.177.241.160 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-04-13 23:00:32 Times Seen2 Hash 6904d7c5c142b5f9a02e58e1a1417087 500042b9f8aa2c337fdcfa34862070770a181556 e762c7b3f6e4d3d97cfe0ade7dcb8b91c9ff85f57f9e7885fa42626c71c7b092 Loading...

	www.googletagmanager.com/gtag/js?id=DC-10701487	113 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=DC-10701487 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:15 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 70c36cf1b030827e07b7553fbd0ffec3 1e440c2aa70a723ab46763b5ffcef4bf0d4f36f4 3760b4191e404292ddd3b24f7190989865e68c34ae048be7993088755503eed7 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f235f34bea1f47d8e0018be4d63b325e	16 kB	2023-03-08	2023-11-11
Pretty Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:55 Times Seen5 Hash f235f34bea1f47d8e0018be4d63b325e b1835f5dc561a4c105bee05e6baa185a026c4828 44e8e2163cdbde2338d98ff05168f6c7f5d14796b2f8c39e94715fa766300dee Loading...

	#2 Eval - f0bcb6054760742619dd8232ef3c0a10	15 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash f0bcb6054760742619dd8232ef3c0a10 5a6da0191a9465a2060a531f8670dba8ec1de60b a86a4ccc459fd4c19c3bc96fc9d54597c33198af95ec665dfb7e729c53ba3c2e Loading...

	#3 Eval - 2ee58accb196af11debb695dc1b27a4d	20 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2ee58accb196af11debb695dc1b27a4d 683d57f49ae989c9bd8d09f9e6ca1c483010cc61 1ad74da51608a5830dc65b73a416e1182289e1e46f653e798c02b22f53d09e11 Loading...

	#4 Eval - 4edafc01dee4d31d150f7eef22cde69b	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 4edafc01dee4d31d150f7eef22cde69b 4e2cd90a697c35a575ce06ca65884193602962a0 a9a4ed8860c1ea2527c90e6bd39985850fd4a2627faad24560b2f3d877ea08d8 Loading...

	#5 Eval - cf868d8d47b14a245d9dd5763458f791	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash cf868d8d47b14a245d9dd5763458f791 41f2d7008670a86e5fba13ce3d67231b3fb55cfc 92b445b1a5af92ca2a9349d1a8237ad3cdb081b4d6388a7e99f35593c23be6bb Loading...

	#6 Eval - 2a8c58d31bff121aa3907026a152d737	28 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2a8c58d31bff121aa3907026a152d737 dcaa941e42ee5547ee017d615d309e59b1b57947 8a96d5c96f7c639f2c3d3fb2f4dc0da580f54d5e191f4674380da731e871bf1b Loading...

	#7 Eval - 561c579b1c992ddb6df4c14838c2f30c	22 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 561c579b1c992ddb6df4c14838c2f30c 76b6af2bdf3d11eb093a8d14bd665ba4f38638d9 594d5abbc9f4e285b8be7425b07db97f9c6306c800d8072081a003080ebd429f Loading...

	#8 Eval - 02ca0a2b7dfe6ef50e45811e6139a0aa	30 kB	2023-03-08	2023-11-11
Pretty Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:55 Times Seen5 Hash 02ca0a2b7dfe6ef50e45811e6139a0aa 9ef378dd36388f1c5d527e4115a9ee804509824a 400dc27c5435c3ac3a33555c05ac84a993101f38b3c96ae17547026c1358152c Loading...

	#9 Eval - 16434cb1948736e604365f82624577ee	23 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 16434cb1948736e604365f82624577ee 3bf3a89283ad989c0486bd7d04215d7adbdab884 ff00ecc4d338e97894d9afc638f3184b3ecab052c80d6b3377fbabe6afe3d71f Loading...

	#10 Eval - 7e39ed720ec93e5fad95e53d0dcdfaa1	18 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 7e39ed720ec93e5fad95e53d0dcdfaa1 d1e532e06d343982612146fe96f2ed1023d547fa f152bee9780f82664f1561f59d4cfb7a8aa6490e08066899276dda831b3f3b53 Loading...

	#11 Eval - 662e2bc9ea40f7815fc14ec2384c8151	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 662e2bc9ea40f7815fc14ec2384c8151 85490b4fc3e79b718bee28aad635cdbf0a709ca6 3d151b0dcd0bd79e4e6a5ae0535d85337c94a8f5c9447fb13974d4f75e5ca361 Loading...

HTTP Transactions (188)

URL IP Response Size

rcu6.com/email-account.php

45.133.200.3

200 OK

77 kB

URL HTTP/1.1
rcu6.com/email-account.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (65462)
Size
77 kB (76897 bytes)
Hash
169bea45749cac78cc97c9325bb38479
e18dbfda554822dfe6cd4e1c0c8bb3ab406c056b
901c495f9f856b0444110355fddab1247720516fa8a36aa810e9687cf64a68eb

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /email-account.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4356
Expires: Wed, 07 Dec 2022 14:15:42 GMT
Date: Wed, 07 Dec 2022 13:03:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2494
Cache-Control: max-age=166183
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:06 GMT
Etag: "63906b73-1d7"
Expires: Fri, 09 Dec 2022 11:12:49 GMT
Last-Modified: Wed, 07 Dec 2022 10:31:15 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13796
Expires: Wed, 07 Dec 2022 16:53:02 GMT
Date: Wed, 07 Dec 2022 13:03:06 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 12:20:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2558
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: VALn+LW39hhp+YTrpy3TzWf1sVU9nASaa4Tdeg2hvnGjLxVWArHIZ+Rp4/Czs+104pFFfmOnGSs=
x-amz-request-id: 915804JYQ7WVQ13P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 12:47:30 GMT
age: 936
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:03:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

rcu6.com/index_files/f.txt

45.133.200.3

200 OK

11 kB

URL HTTP/1.1
rcu6.com/index_files/f.txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2178)
Size
11 kB (10707 bytes)
Hash
9e120391b1445bfc8a515e6b89afe3f5
11bdbb0d38fd31061215db952d2582c213993a41
47267bd2d5fe706c248b9dc9c661700103a5f6006dd96f08a6c32e237b60ea8b

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f.txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/ytc.js.download

45.133.200.3

200 OK

5.4 kB

URL HTTP/1.1
rcu6.com/index_files/ytc.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (14425), with no line terminators
Size
5.4 kB (5402 bytes)
Hash
5c22659ed572937e05833727e8f4a584
67bd23ee9158220d50843d0029704e672eb2405e
6c59667107d6b44e35ea0fcb09cb683262c17d4af67967b7c9425b81e6cbcc43

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ytc.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/bat.js.download

45.133.200.3

200 OK

7.7 kB

URL HTTP/1.1
rcu6.com/index_files/bat.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (25365), with no line terminators
Size
7.7 kB (7676 bytes)
Hash
b09794b457be07c7414b263198776b11
67741bdf8ce97757272f34917aab475b768d8deb
1389ff7051cdea2115d27f4313999891bad03e6287fe3ef1ef07ac4e0057cea3

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/bat.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/insight.min.js.download

45.133.200.3

200 OK

1.6 kB

URL HTTP/1.1
rcu6.com/index_files/insight.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (3577)
Size
1.6 kB (1576 bytes)
Hash
7bdf4661ce6abab2120ac346a3612058
dff1fe656645628e794209c01739ee5e95336999
886930d0ea428223e0f94506b4b58fc4a6f0f5906e30054b237e0197dcd79214

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/insight.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/fbevents.js.download

45.133.200.3

200 OK

55 kB

URL HTTP/1.1
rcu6.com/index_files/fbevents.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (41711)
Size
55 kB (54810 bytes)
Hash
79684b2fc18c6e003d0747a1b66b4794
80db7f5cc9bbd1510129549f9868431dec1f37f7
73e953dbffd99e765effdc6a94c2440dc573004340b31acf084b613d032a4de6

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/fbevents.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/serverComponent.php

45.133.200.3

200 OK

245 B

URL HTTP/1.1
rcu6.com/index_files/serverComponent.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (317)
Size
245 B (245 bytes)
Hash
a7309779c48b334d766b986aecf5cddb
714a41e74edf262392c590e60e6eef99869d307a
49fd8d1bdd49f9207bc8dfe11bbd93dbaebd3b51218a2e294786703797a6554d

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/serverComponent.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download

45.133.200.3

200 OK

29 kB

URL HTTP/1.1
rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1076)
Size
29 kB (29432 bytes)
Hash
be01d01f9f9f3c93343e51b5896c4a35
76460ba4d0a3f22736272ca0290d0abb423ead81
6d2f6cf60b985bde6202c5730039e6171a6513a3f2bf969cfebe2c355ec22d15

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/82154ef468aff3ad267e57006a5dd605.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/5151e22e

45.133.200.3

200 OK

33 kB

URL HTTP/1.1
rcu6.com/index_files/5151e22e
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19024)
Size
33 kB (32829 bytes)
Hash
0efa0e41898f378d45b2e935e65175ce
8c4205a8e2286045d4d6af9403025b658c538e1a
1d4cab71cdc96860f4a8e41483bba4d5ec05b02a68244c77750207d799210fcf

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/5151e22e HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Length: 32829
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download

45.133.200.3

200 OK

62 kB

URL HTTP/1.1
rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1626)
Size
62 kB (62219 bytes)
Hash
141e11e309fdb988e32be71c7da45987
11cb014f0425fb9a168965b561d23c41fca35592
fb615084208716c4da546de3239500033d961cec32a78c15d5c79c5f8b7a84c4

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/jquery-3.4.1.min.js.download

45.133.200.3

200 OK

31 kB

URL HTTP/1.1
rcu6.com/index_files/jquery-3.4.1.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65451)
Size
31 kB (30908 bytes)
Hash
70ae57c52553459fc7e2740d86e28d43
905b3ee7cd29abbfbd21bd4e48a0de2890e8e5c3
5663ddb0bccc63ab7f656836cc2224cca38d7466a38b64ae5b1e758615821778

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/jquery-3.4.1.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/site-survey.min.css

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/site-survey.min.css
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (4339)
Size
1.1 kB (1135 bytes)
Hash
63d09db2bd679641083c0aff8ab3b1b4
d79dba31f3f0bf25b02f2839996f97e50878284f
d3e564ec855a3d8a6cad6a96c725ed3a4770325088ccb3b5c14afaf86c749d50

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/site-survey.min.css HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Fri, 06 Jan 2023 13:03:06 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/oo_engine.min.js.download

45.133.200.3

200 OK

12 kB

URL HTTP/1.1
rcu6.com/index_files/oo_engine.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (45689), with no line terminators
Size
12 kB (12307 bytes)
Hash
e45837c55805cce944b422746f556a39
1ea5a420c8e0612b3513679af7cee0d87d6afe2e
37bfd875914b6d2c2a9b20ffac4aa1c09d2bf689f6112e99bbfc7d053be572d0

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/oo_engine.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/f(2).txt

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/f(2).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2363), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
17e4836ec326947f02ea476bdfe36e6d
cccd88b1907fa766f8ef708397ee968a6c22927e
db73f4b968037c9ba8ed7be2d42213db46107f13ae86ce255d55e6a5a7006266

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(2).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/f(1).txt

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/f(1).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2481), with no line terminators
Size
1.1 kB (1091 bytes)
Hash
6f7f515205027a83b55900908b3d6109
696752d6d1f6558e29bfe47077fb00731dbf9f7f
96290b705666e12aa9dcdcb5d245674174382b0f4aa693b52affcc5a48ae2105

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(1).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/Bootstrap.js.download

45.133.200.3

200 OK

72 kB

URL HTTP/1.1
rcu6.com/index_files/Bootstrap.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (598)
Size
72 kB (72441 bytes)
Hash
a8259b151a76ac24ca9018a708d4b1c6
5a675dcd030d42935778e96edef25b904b362f32
cca1bdeeccae0a6a27e1fb51e1674c39d7349aed80abe6017d67e8818ac100e0

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/Bootstrap.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6218
Cache-Control: max-age=136796
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:06 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 03:03:02 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

rcu6.com/index_files/chat-fab.js.download

45.133.200.3

200 OK

6.3 kB

URL HTTP/1.1
rcu6.com/index_files/chat-fab.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19644)
Size
6.3 kB (6323 bytes)
Hash
193ba8444b77f08b1eb325e0aee68745
aa0975262462a6960b234e579c28e53d03f1806d
2dd8bdb1439ebad9950f78a4adba3be7e2e9cfb9f83881a4deaf732c57417e73

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/chat-fab.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/vtt.global.min.js.download

45.133.200.3

200 OK

7.2 kB

URL HTTP/1.1
rcu6.com/index_files/vtt.global.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 text, with very long lines (20659)
Size
7.2 kB (7245 bytes)
Hash
a00dc8be608a8b2bb165ead03958d121
bca9c86df6db0afaaf9103a932bbaf803c88cf3c
f54be073e9c0d6b224352ec66ebdab497b316ef610bcdc73b2a7e34733d051a9

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/vtt.global.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6424
Cache-Control: max-age=137002
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:06 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 03:06:28 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5178
Cache-Control: max-age=135755
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:06 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 02:45:41 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

rcu6.com/index_files/outdated.min.js.download

45.133.200.3

200 OK

580 B

URL HTTP/1.1
rcu6.com/index_files/outdated.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1083)
Size
580 B (580 bytes)
Hash
1092d509c02f6352093dd0991fcd517b
f2b07135845174cc694d4b23cf721ee94c1a4298
cf92f08f9a232899bdf740305ee5fb5ded6374b783ca8e4859ea351f76c20dd4

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/outdated.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/site-survey.min.js.download

45.133.200.3

200 OK

2.8 kB

URL HTTP/1.1
rcu6.com/index_files/site-survey.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (7496)
Size
2.8 kB (2814 bytes)
Hash
fa7430e7735dcd145aecd7174b7bb6f9
fe6fe710c6d27cef3a68b39f8c956378761ffb5d
aa5f7e98e35aa5a4e7f9f682e9457e4f10de89444bd7754419178834cfa66a81

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/site-survey.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2

23.72.139.51

200 OK

19 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Size
19 kB (18636 bytes)
Hash
6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 18636
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-465350977", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1731032
expires: Tue, 27 Dec 2022 13:53:38 GMT
date: Wed, 07 Dec 2022 13:03:06 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/serverComponent.php

45.133.200.3

200 OK

245 B

URL HTTP/1.1
rcu6.com/index_files/serverComponent.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (317)
Size
245 B (245 bytes)
Hash
a7309779c48b334d766b986aecf5cddb
714a41e74edf262392c590e60e6eef99869d307a
49fd8d1bdd49f9207bc8dfe11bbd93dbaebd3b51218a2e294786703797a6554d

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/serverComponent.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/sp.pl(1).download

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/sp.pl(1).download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl(1).download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2

23.72.139.51

200 OK

21 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Size
21 kB (20592 bytes)
Hash
a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 20592
content-type: application/font-woff2
etag: "0f59ebaf2e3d81:0:dtagent10243220606153550X/NY"
last-modified: Wed, 19 Oct 2022 19:41:05 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="897722665", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1912457
expires: Thu, 29 Dec 2022 16:17:23 GMT
date: Wed, 07 Dec 2022 13:03:06 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/sp.pl.download

45.133.200.3

500 Internal Server Error

662 B

URL HTTP/1.1
rcu6.com/index_files/sp.pl.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
662 B (662 bytes)
Hash
40f86d54cd7619752be6acca297bed90
240ba6fb3b28037daa0cd65ed2f84d359b9d9f73
eae6939a2208653cef791a2da52efc6cc46c7df04076fafba5d6f9b266554ef1

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 500 Internal Server Error
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 662
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2

23.72.139.51

200 OK

20 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Size
20 kB (19712 bytes)
Hash
ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 19712
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1293310310", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1127984
expires: Tue, 20 Dec 2022 14:22:50 GMT
date: Wed, 07 Dec 2022 13:03:06 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/oo_icon_retina_black.gif

45.133.200.3

200 OK

552 B

URL HTTP/1.1
rcu6.com/index_files/oo_icon_retina_black.gif
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 18 x 18\012- data
Size
552 B (552 bytes)
Hash
0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/oo_icon_retina_black.gif HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: image/gif
Content-Length: 552
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:06 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/icon_ENERGY_RGB_Location.png

45.133.200.3

200 OK

7.5 kB

URL HTTP/1.1
rcu6.com/index_files/icon_ENERGY_RGB_Location.png
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
PNG image data, 300 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size
7.5 kB (7543 bytes)
Hash
a58a87032c6c7175484ded7dcc54917e
6e00910f7b8d37f45918a7f20d5384e2e3ac363a
e4190662de958e1a2c8377c7ff106609da73fc394c8991ebd9ab81368e129b9c

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_ENERGY_RGB_Location.png HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: image/png
Content-Length: 7543
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:06 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/lockup.svg

45.133.200.3

200 OK

1.4 kB

URL HTTP/1.1
rcu6.com/index_files/lockup.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3937), with CRLF line terminators
Size
1.4 kB (1420 bytes)
Hash
90002463cd647f45170da29025d307c8
0c4fab566cd4ef37c0e594d54fa8424f6a296d8a
f03472b08b791ca4ecbd74fe8efb0c1c928f80addb0d2d2441551b1169606ff9

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/lockup.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:06 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/hero-mobile-woman-standing.jpg

45.133.200.3

200 OK

34 kB

URL HTTP/1.1
rcu6.com/index_files/hero-mobile-woman-standing.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 736x480, components 3\012- data
Size
34 kB (34344 bytes)
Hash
097569ac7ca97d9d6538a35d6ab28927
c39c33070b20c2f7d92866e4e915e65944d62766
330892c01cfa66bf7c89a67960cdb733ea6fe00cce8e5cd05df1f54ca5fe3f65

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/hero-mobile-woman-standing.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: image/jpeg
Content-Length: 34344
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:06 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/icon_arrow-simple-right-lightgreen.svg

45.133.200.3

200 OK

236 B

URL HTTP/1.1
rcu6.com/index_files/icon_arrow-simple-right-lightgreen.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
236 B (236 bytes)
Hash
ef60e363ad319ed80a9726e47dfb7fde
bdfd20cdabe3b80ebdf6f38528ea696af6ef9ee7
5c4c8971c0dbcb22c58ef1601a338af72af941e616da0b51a551a102582094ca

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-right-lightgreen.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/svg+xml
Content-Length: 236
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/v-mobile-white-glasses-grn.jpg

45.133.200.3

200 OK

34 kB

URL HTTP/1.1
rcu6.com/index_files/v-mobile-white-glasses-grn.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, baseline, precision 8, 736x480, components 3\012- data
Size
34 kB (33545 bytes)
Hash
a0d1664331d8eb21ff5dee44dfa8f50e
6fe36cc3bb0fb70a92a0285a1b82b26d838f5371
2bb709222096c8b6748a66c23e1ba6fc88c0d1520425b0c7982b24be1eecada5

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-mobile-white-glasses-grn.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: image/jpeg
Content-Length: 33545
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:06 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/v-desktop-privatebank-man-on-chair.jpg

45.133.200.3

200 OK

151 kB

URL HTTP/1.1
rcu6.com/index_files/v-desktop-privatebank-man-on-chair.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x801, components 3\012- data
Size
151 kB (151142 bytes)
Hash
81deb151736e7ae75ea57e2085465344
04b2e330b890ad5eb654f50935ebeb2fba9e4f46
5964da57696a9334edd52b5b0d89c3489323d3174a716b1601c74afa042cd1ed

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-desktop-privatebank-man-on-chair.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/jpeg
Content-Length: 151142
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/icon_arrow-simple-right-green.svg

45.133.200.3

200 OK

236 B

URL HTTP/1.1
rcu6.com/index_files/icon_arrow-simple-right-green.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
236 B (236 bytes)
Hash
c15fb067b96520fab546ea19cbdec4cf
6e12531154a8eae1ffd69a304adef6e36b7f7395
c02e4c11a4c75d01c124759b5c9e9ea61ab52faca11dacd13fd4f36b111c61d9

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-right-green.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/svg+xml
Content-Length: 236
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/v-mobile-business-woman-standing.jpg

45.133.200.3

200 OK

26 kB

URL HTTP/1.1
rcu6.com/index_files/v-mobile-business-woman-standing.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 736x480, components 3\012- data
Size
26 kB (25812 bytes)
Hash
b8c9c25b56c5bc795c02895e55d00ab9
c9e7f5f939525f6dd6ae7abae39d5cb7b6eb40fe
13f5b82be3a4369ef637e7963b1b62af963de2e9087a6767df07c18356fc0d66

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-mobile-business-woman-standing.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/jpeg
Content-Length: 25812
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/icon_arrow-simple-down-green.svg

45.133.200.3

200 OK

251 B

URL HTTP/1.1
rcu6.com/index_files/icon_arrow-simple-down-green.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
251 B (251 bytes)
Hash
f8c517c8e11bb3b923c3b40d5a97a558
aec1f36fbbce0c666d22e3111dc8cea51cd66d8a
205542c1a66e2af533470d79ab37d6dcceb6e62b3b0ed44dd28a185a009fa64f

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-down-green.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/svg+xml
Content-Length: 251
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/CML-hero-NEW-mobile.jpg

45.133.200.3

200 OK

173 kB

URL HTTP/1.1
rcu6.com/index_files/CML-hero-NEW-mobile.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=725, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1400], progressive, precision 8, 1400x725, components 3\012- data
Size
173 kB (172824 bytes)
Hash
91f8937c5225b661b1e8fa0c5a0906ac
4c507a0f9431e566dcb6a287d61e50870b99e2af
00fb13972a54aee58558dd11a63c70737a3462decfaa67606684f694b45b44da

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/CML-hero-NEW-mobile.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/jpeg
Content-Length: 172824
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/pelotonia-riders.jpg

45.133.200.3

200 OK

83 kB

URL HTTP/1.1
rcu6.com/index_files/pelotonia-riders.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 675x379, components 3\012- data
Size
83 kB (82993 bytes)
Hash
d0a3a0ddf6579ddb74b4aabe794c7273
a1402b31d2070f37f63b6b2ee9dd778683f38990
0fe72bc26a43b42874029da0f84022b13dc1c61915ed121ab03b6b3e0fa5b690

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/pelotonia-riders.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/jpeg
Content-Length: 82993
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/5151e22e

45.133.200.3

200 OK

33 kB

URL HTTP/1.1
rcu6.com/index_files/5151e22e
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19024)
Size
33 kB (32829 bytes)
Hash
0efa0e41898f378d45b2e935e65175ce
8c4205a8e2286045d4d6af9403025b658c538e1a
1d4cab71cdc96860f4a8e41483bba4d5ec05b02a68244c77750207d799210fcf

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/5151e22e HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 32829
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/west-broad-elementary-kids.jpg

45.133.200.3

200 OK

32 kB

URL HTTP/1.1
rcu6.com/index_files/west-broad-elementary-kids.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x308, components 3\012- data
Size
32 kB (32055 bytes)
Hash
dc55374efaafedc5193b9f4c57e8f1a1
3dd9bd8ce4d6ef2eb8cd882ed580d57fc6991393
0dab592cbf8f71bce76059647380cb6e82ecb8c96b0e2d45c271563af101da3f

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/west-broad-elementary-kids.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/jpeg
Content-Length: 32055
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/jd-power-award-2019-mobile-online.png

45.133.200.3

200 OK

64 kB

URL HTTP/1.1
rcu6.com/index_files/jd-power-award-2019-mobile-online.png
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
PNG image data, 406 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64084 bytes)
Hash
8d223f884315d4a6cbe5ec5ae6e5d56c
e69f13b1a66d9bda11112758a50d2cd666a9624d
2f1795a79395cc96ae535538ae9dcd826f83e2f8b6d998dab5d122f5ec1594b5

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/jd-power-award-2019-mobile-online.png HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/png
Content-Length: 64084
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/f(1).txt

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/f(1).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2481), with no line terminators
Size
1.1 kB (1091 bytes)
Hash
6f7f515205027a83b55900908b3d6109
696752d6d1f6558e29bfe47077fb00731dbf9f7f
96290b705666e12aa9dcdcb5d245674174382b0f4aa693b52affcc5a48ae2105

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(1).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/columbus-urban-league.jpg

45.133.200.3

200 OK

38 kB

URL HTTP/1.1
rcu6.com/index_files/columbus-urban-league.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x309, components 3\012- data
Size
38 kB (38135 bytes)
Hash
c387f7385b09799a1ed335ea997d838f
ef5c0a09094bcc0184b3445846146bfd844a880f
8dd84ba8c46c05c00cc9ee5ca020b95f976a0087cc3a70253bf3ff561ea66c3a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/columbus-urban-league.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/jpeg
Content-Length: 38135
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/EHL_Black_HouseOnly.svg

45.133.200.3

200 OK

362 B

URL HTTP/1.1
rcu6.com/index_files/EHL_Black_HouseOnly.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
362 B (362 bytes)
Hash
154fab8e5b522f196f0ee37531af9c86
ebe3f81861334d969b43620e2637dd3357870aa0
9020cc818e67a2cbd69bbcef14df9e2bbe1af307f6311e7604ae15a26355f0e2

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/EHL_Black_HouseOnly.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 3249
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

rcu6.com/index_files/logo-honeycomb.svg

45.133.200.3

200 OK

435 B

URL HTTP/1.1
rcu6.com/index_files/logo-honeycomb.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (841), with no line terminators
Size
435 B (435 bytes)
Hash
1e8ab5050c6d9f1b254f92c9f9cb1842
4213f9baa531ca13becb8fac61701243474f9fc1
4d881d3e3a79ee19b069ba39938689bfca1f42c7fa47ecbe20fd2a390056e497

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/logo-honeycomb.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:03:07 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/f(2).txt

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/f(2).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2363), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
17e4836ec326947f02ea476bdfe36e6d
cccd88b1907fa766f8ef708397ee968a6c22927e
db73f4b968037c9ba8ed7be2d42213db46107f13ae86ce255d55e6a5a7006266

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(2).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/0

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/0
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/0 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/0(1)

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/0(1)
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/0(1) HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/1.1
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 66005
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

35 kB

URL HTTP/1.1
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
35 kB (34899 bytes)
Hash
e999077d9bf73ce02184a1a2bc4ece77
eeb1397636d570ce12854632f4db43ae2f945c0b
a4111831fb9c0820ad0b0203e6849be61650bed45d5e7601840eb72cb20bbdba

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Length: 66005
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

www.huntington.com/-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209

23.72.139.51

200 OK

48 B

URL HTTP/2
www.huntington.com/-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 10x10, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
48 B (48 bytes)
Hash
6cbb1156f106670a020e38cf19fcc217
1b7325891051a3dc891b704084a7df0f8579c37d
a26c2e015e5e7986a5f83c09da99d9a7ab04c42d650ac2a69d680538e82eb1dd

HTTP Headers

GET /-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 77183e5a07ca45fcbaf010bf53aff281
last-modified: Fri, 14 Oct 2022 11:49:17 GMT
server: Akamai Image Manager
content-length: 48
content-type: image/webp
cache-control: private, no-transform, max-age=471627
expires: Tue, 13 Dec 2022 00:03:34 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-700.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-700.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/index_files/toolkit.min.js.download

45.133.200.3

200 OK

83 kB

URL HTTP/1.1
rcu6.com/index_files/toolkit.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
83 kB (83152 bytes)
Hash
c68a9e2543b10e14437e3b111d86e108
12735eb461d8eb440011bc11cf3e944048853f18
03f70d1db573b5987f41774ef060492888d7047c977e65a97017cb0153253d10

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/toolkit.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

www.huntington.com/-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F

23.72.139.51

200 OK

10 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
10 kB (10388 bytes)
Hash
10b43fef9c52b9d14a97c7ca5ce00b13
b3976f1f9a817c80c98040df7f6eafbb1e5396ee
42836d28ddb87bdb39b52eabe6038e5f1541efe542515adddcfb8efb17ea020c

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 4fb20a3a01f5492ca8289996b580052a
last-modified: Thu, 09 Jun 2022 17:50:18 GMT
server: Akamai Image Manager
content-length: 10388
content-type: image/webp
cache-control: private, no-transform, max-age=68503
expires: Thu, 08 Dec 2022 08:04:50 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E

23.72.139.51

200 OK

3.6 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.6 kB (3568 bytes)
Hash
56604a7df3f4c9c9b03ec95a8a54b3db
ed50b495fcc27a35158336e37098001191cf4a54
815f38d3f26ce6455ca858ce73abb3bf6192065c09e8c7118eb736ed20e6dbb9

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 8ac43a653e8f4954b8919fe5d18f2481
last-modified: Thu, 09 Jun 2022 18:21:54 GMT
server: Akamai Image Manager
content-length: 3568
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Thu, 08 Dec 2022 01:03:07 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Medium.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Medium.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/muli-v11-latin-300.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-300.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Book.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Book.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Bold.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Bold.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/muli-v11-latin-600.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-600.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe

23.72.139.51

200 OK

47 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x810, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
47 kB (46614 bytes)
Hash
f46268f2799d168f6a57d30321938f75
7dbb0732e4a0bb2aad4a24274f37867ccff0846e
1214167d2deea4ca58c92c53ce99080170ca94aa5c5d9c226fec34c68370bf49

HTTP Headers

GET /-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: c69b1afaa18b4dcd9f9d1422ebfd2153
last-modified: Fri, 11 Nov 2022 21:24:13 GMT
server: Akamai Image Manager
content-length: 46614
content-type: image/webp
cache-control: private, no-transform, max-age=118550
expires: Thu, 08 Dec 2022 21:58:57 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be

23.72.139.51

200 OK

400 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
400 B (400 bytes)
Hash
9c75d30bead00eb80005940547a8a8bb
948e77324d5a0f9709bddb0b1438cd7a271337e8
8781a8a5abfa3b4adbfbe3a8b3028d7f6516b65432cebd89a51cf655a360d441

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 400
content-type: image/svg+xml
etag: fa17d379df254ed5a6f66038800ebf7d
last-modified: Wed, 05 Jun 2019 17:54:26 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_arrow-right.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
cache-control: public, max-age=1683532
expires: Tue, 27 Dec 2022 00:41:59 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA

23.72.139.51

200 OK

5.7 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.7 kB (5672 bytes)
Hash
8976af11a2fb4ffb56c2de37d1501a5c
9131cc4c70a5f09777eca0163cfe001841f121ab
27f5c7ecff862d66273a687cd0193b65d06cc3ab748d76e885ae39b295df9d06

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: d2a2c6d72c0a4a7883edfc4fc924ad35
last-modified: Wed, 08 Jun 2022 20:23:36 GMT
server: Akamai Image Manager
content-length: 5672
content-type: image/webp
cache-control: private, no-transform, max-age=153807
expires: Fri, 09 Dec 2022 07:46:34 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157

23.72.139.51

200 OK

1.7 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 814 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1709 bytes)
Hash
e275909623f8a06dea733b9f50d68189
ee712255204c913c4adb9a2a9cd0f9ba9971ea8c
11c468e07fa0178954d85e2789a16c1c3d4d1b55ab5ca9f86f9f6512d1136b93

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 76a4f8542fb0448e94b8414051022b40
last-modified: Wed, 08 Jun 2022 21:50:39 GMT
server: Akamai Image Manager
content-length: 1709
content-type: image/png
cache-control: private, no-transform, max-age=156186
expires: Fri, 09 Dec 2022 08:26:13 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern2-flipped.png?rev=f4c179ded56e412d818b5d7e0f387ba5&h=544&w=1258&la=en&hash=0E38C798934E18F877D3B4F8BBC6FAA9

23.72.139.51

200 OK

14 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern2-flipped.png?rev=f4c179ded56e412d818b5d7e0f387ba5&h=544&w=1258&la=en&hash=0E38C798934E18F877D3B4F8BBC6FAA9
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (14408 bytes)
Hash
ed356b3bede532165cb20ff1a100bf79
f1309cf6ed05e63704e4f63419807fc7764d76ea
db95aed35b2785ab0bcce9d4364fe30f6bd04f2d68cb3411f1cac43667d0e2d7

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern2-flipped.png?rev=f4c179ded56e412d818b5d7e0f387ba5&h=544&w=1258&la=en&hash=0E38C798934E18F877D3B4F8BBC6FAA9 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: ed53b70faaa446babf67dfa1dcd7dfe4
last-modified: Wed, 08 Jun 2022 20:13:40 GMT
server: Akamai Image Manager
x-serial: 1629
x-check-cacheable: YES
content-length: 14408
content-type: image/webp
cache-control: private, no-transform, max-age=151660
expires: Fri, 09 Dec 2022 07:10:47 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0

23.72.139.51

200 OK

1.4 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2831), with CRLF line terminators
Size
1.4 kB (1384 bytes)
Hash
1ac44f61f40159cf891a29575701fa00
7b0aecb51d7c565310e39c1946704aec22748d37
36a47ff572326ab045f24fbb8fa2d835e093fee269316de3446272248d2f5a04

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: d3efa4d87fc24098b87f344a935558be
last-modified: Wed, 05 Jun 2019 17:56:55 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_money.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1494600350"
x-ua-compatible: IE=edge
content-length: 1384
cache-control: public, max-age=216725
expires: Sat, 10 Dec 2022 01:15:12 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern1-flipped.png?rev=335b1807cd914c6a9cfa1bdb1c029612&h=548&w=1258&la=en&hash=87E8C5CF8C9D907A224924701413713D

23.72.139.51

200 OK

16 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern1-flipped.png?rev=335b1807cd914c6a9cfa1bdb1c029612&h=548&w=1258&la=en&hash=87E8C5CF8C9D907A224924701413713D
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
16 kB (15490 bytes)
Hash
951228a305b66576a1ea5e8c0de62b9b
46af907560964bbbe009b2ccad280ea33a743af3
9a752738f5e04abde40c93be70a7b5bcca992d206864ce95f7825bfb7081afd0

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern1-flipped.png?rev=335b1807cd914c6a9cfa1bdb1c029612&h=548&w=1258&la=en&hash=87E8C5CF8C9D907A224924701413713D HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: e29268cf6e3344b5a85a51723c7d981e
last-modified: Thu, 13 Oct 2022 23:11:12 GMT
server: Akamai Image Manager
content-length: 15490
content-type: image/webp
cache-control: private, no-transform, max-age=287560
expires: Sat, 10 Dec 2022 20:55:47 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95

23.72.139.51

200 OK

980 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2132), with CRLF line terminators
Size
980 B (980 bytes)
Hash
b458b2b05ca5d4504443dc1acd27e1b3
28840cccc8d7a75ea11f681fe0c692aea1f4eb5d
1d0cb599a83bda7ac4da5d34139d74016fac29366d04abfeb28d74b609860c76

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 7d2f6b352081426d90293ee580660924
last-modified: Wed, 05 Jun 2019 17:55:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_check.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=231563
expires: Sat, 10 Dec 2022 05:22:30 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
content-length: 980
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e

23.72.139.51

200 OK

120 kB

URL HTTP/2
www.huntington.com/-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 982x1270, components 3\012- data
Size
120 kB (119802 bytes)
Hash
5ae74a975c38365d32213c22d43bb7ea
55e76e42524741c38d83f7fdf26b6c892050ab87
ec251060273f77a254fa4766a6a103c02f34ce37f1250b688a86f048c885585c

HTTP Headers

GET /-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 2206b44971fd446d95c06e37683211a2
last-modified: Wed, 08 Jun 2022 20:16:41 GMT
server: Akamai Image Manager
content-length: 119802
content-type: image/jpeg
cache-control: private, no-transform, max-age=123072
expires: Thu, 08 Dec 2022 23:14:19 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/dest5.html

45.133.200.3

200 OK

13 kB

URL HTTP/1.1
rcu6.com/index_files/dest5.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39172)
Size
13 kB (12812 bytes)
Hash
ff9d4ce7b23b16e751778b9b7db68a4a
5d4c4a9b965531b47d64cd9a386ce0e85e3d4cc1
1755659d1b6b8d1b4ea20fefe959efc053e6f7b80577d32cb958d9429c7ff78c

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/dest5.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/activityi.html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/activityi.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39448)
Size
10 kB (10376 bytes)
Hash
6407abad084e7cec781df39f65144b8e
05112c0e133ba3c328c139e6afbc68b9f198cf4a
0ccd314537fcfa535aab32727e29d27c68512077f7d0f4c9017e10fa91f7aa82

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/activityi(1).html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/activityi(1).html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39448)
Size
10 kB (10383 bytes)
Hash
60d756468fb835fc12cbcf5facb1240a
6ccc7817e45707432fa72a45aaaef8a937a85d4c
1781e7d7cb0de6af4ea25ad6282930ab4ab9f3edc650905d0e04f1c33bc69faa

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi(1).html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/activityi(2).html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/activityi(2).html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39448)
Size
10 kB (10295 bytes)
Hash
d98e27adb0f77a62ddf42b21485c581a
c07f9b26535af18befd9ecf3d5b222866f8cd7f0
9be967cc4b4673c040c64b92c7a7d2cacf5d604a798b8da50a85184222bcdeb7

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi(2).html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/nuanceChat.html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/nuanceChat.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39157)
Size
10 kB (10427 bytes)
Hash
c17602da7ee65c095997507dc05409b5
40cc86b4b4500c7474e85817bd70b8de23da6bcc
d30e7cd4571d41d58b098279d395a8c833e9ef506ca386ffbe0253674bcfd4ac

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/nuanceChat.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/sp.pl.download

45.133.200.3

500 Internal Server Error

662 B

URL HTTP/1.1
rcu6.com/index_files/sp.pl.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
662 B (662 bytes)
Hash
40f86d54cd7619752be6acca297bed90
240ba6fb3b28037daa0cd65ed2f84d359b9d9f73
eae6939a2208653cef791a2da52efc6cc46c7df04076fafba5d6f9b266554ef1

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 500 Internal Server Error
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 662
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c

23.72.139.51

200 OK

92 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x801, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
92 kB (91480 bytes)
Hash
ce99a1fb536d02f0dcc782ffb8438c0c
25560e8eca53546add5f3369e769b4b0b1d43557
0b5a268c9e87c892162c2771ad7e2e38a7fed8093583f95b29295ea8d582f80c

HTTP Headers

GET /-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: efd57170b2f44cc3b266f06b8d9243c7
last-modified: Thu, 09 Jun 2022 17:54:43 GMT
server: Akamai Image Manager
content-length: 91480
content-type: image/webp
cache-control: private, no-transform, max-age=313857
expires: Sun, 11 Dec 2022 04:14:04 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9

23.72.139.51

200 OK

1.4 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2831), with CRLF line terminators
Size
1.4 kB (1387 bytes)
Hash
530a243cc209cd8afce6d3a197c5bd17
e5a7c57ce240c2ac73e936359600a30ae62fd58a
8c46775a644575089db972ec9730ca8107c1f5c22f34b2dfaeb0764f59fcc767

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: bcda849763ff48be83f5925ec46aa828
last-modified: Wed, 05 Jun 2019 17:57:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_money-green.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
x-ua-compatible: IE=edge
content-length: 1387
cache-control: public, max-age=216686
expires: Sat, 10 Dec 2022 01:14:33 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3

23.72.139.51

200 OK

42 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 710x801, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
42 kB (42250 bytes)
Hash
6f05a70c13af36e7fe5e62cfe6fbf57f
39e32f5cfc4132dce53bc536f05e5425a9832ae1
aa0467ff6a034d37cae7552dd7a9ecda5d0e1add6e70fe88f8b123ebd6fc524f

HTTP Headers

GET /-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 5cb85c318c894340af50f107ee9f1c66
last-modified: Wed, 08 Jun 2022 19:55:58 GMT
server: Akamai Image Manager
x-serial: 1550
x-check-cacheable: YES
content-length: 42250
content-type: image/webp
cache-control: private, no-transform, max-age=309223
expires: Sun, 11 Dec 2022 02:56:50 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2

23.72.139.51

200 OK

993 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1811), with CRLF line terminators
Size
993 B (993 bytes)
Hash
cac6c8de29569656e3d94fa40e6dea0c
deb5ec56b0c824f8c1e4c24e4c5af4ddb4b80fde
b064f32f5470e9dd978f554b692b13a158f8ba3d39d18937b523e8b09d226877

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: dcfd27c09cc34b5e842ea415ae9880e6
last-modified: Wed, 05 Jun 2019 17:59:00 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_people-green.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1579183973"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2222048
expires: Mon, 02 Jan 2023 06:17:15 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
content-length: 993
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.163.38.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.38.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hm5RURKkF93aVyzdPcFLLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uiXN1H/iKed3sJlA8T2TcIrRo5c=

www.huntington.com/-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e

23.72.139.51

200 OK

91 kB

URL HTTP/2
www.huntington.com/-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x725, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
91 kB (91194 bytes)
Hash
a2931179dfaf48bba6876efb015b4f3c
7d7d6a94bd8a226cc38ab3c6134edb16b7e9f6ae
7a738c847e87cff5e7e3c8bc690528d4fda210f9f13362f627f6d18e1098bc24

HTTP Headers

GET /-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 7cebda52e3374a859172a0af2ce73326
last-modified: Wed, 08 Jun 2022 21:50:12 GMT
server: Akamai Image Manager
x-serial: 149
x-check-cacheable: YES
content-length: 91194
content-type: image/webp
cache-control: private, no-transform, max-age=342008
expires: Sun, 11 Dec 2022 12:03:15 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12

23.72.139.51

200 OK

1.1 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (3770), with CRLF line terminators
Size
1.1 kB (1139 bytes)
Hash
1a230e5e8908d4ec9bd6bd525095ed31
5f49b0c7686d56b6371e69ad9e8908240de0f345
bc023d7b3178af0a08eb58d08801599665c12f6fb08faf31c843633728cd6d52

HTTP Headers

GET /-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: 53a09414b63d41d48397fd1719ed6944
last-modified: Wed, 15 Apr 2020 14:40:36 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="HNB_icon_DARK_RGB_34x34_Corporate.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="17512342"
x-ua-compatible: IE=edge
content-length: 1139
cache-control: public, max-age=387820
expires: Mon, 12 Dec 2022 00:46:47 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf

23.72.139.51

200 OK

1.2 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2280), with CRLF line terminators
Size
1.2 kB (1175 bytes)
Hash
fdb0d7da9f5dc5e4542c13cdbcf47ed6
070fa7b80f5b3bdc7488310cd2bfe488723ebbb4
a68268f938c5db2376f145fb4bca2598f5933edc3f0a891a376df9870f49e1d2

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 4e8db6ed00a645e18ee39fe6b51a08be
last-modified: Wed, 05 Jun 2019 17:56:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_hand.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="514354728"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2046038
expires: Sat, 31 Dec 2022 05:23:45 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
content-length: 1175
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_SecureLock.svg?rev=a8b52a2e7284441cae9630abfa6b1190

23.72.139.51

200 OK

692 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_SecureLock.svg?rev=a8b52a2e7284441cae9630abfa6b1190
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1072), with CRLF line terminators
Size
692 B (692 bytes)
Hash
54a931f3d67d12eebfaa0b1b8170de5f
d4155b224a910c1ed02e86dbe36ca2c2a23d3bdf
c693de0e38e83e571ce78ac4c1bec5e71ce484d239d3c8f1ef44c7a8f29dc2e9

HTTP Headers

GET /-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_SecureLock.svg?rev=a8b52a2e7284441cae9630abfa6b1190 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: b6512779b80f4446945dfa410d8d0245
last-modified: Wed, 15 Apr 2020 14:42:16 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="HNB_icon_DARK_RGB_34x34_SecureLock.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="912168674"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=1172236
expires: Wed, 21 Dec 2022 02:40:23 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
content-length: 692
X-Firefox-Spdy: h2

www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

23.72.139.51

200 OK

1.2 kB

URL HTTP/2
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4339)
Size
1.2 kB (1249 bytes)
Hash
19ac7c952619cab53123eee38648d8bd
47e839324893deeef4e9f6b46dff135e1542dc9a
1a8ffa5f523a7a462b51616592473a2799bb0d687c1391d7d2ba3e5a58f95d78

HTTP Headers

GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "09cbc8223f9d81:0"
last-modified: Tue, 15 Nov 2022 18:53:12 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1967403594"
x-ua-compatible: IE=edge
content-length: 1249
cache-control: public, max-age=1733603
expires: Tue, 27 Dec 2022 14:36:30 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

players.brightcove.net/1317241590001/default_default/index.min.js

2.18.173.25

200 OK

113 kB

URL HTTP/1.1
players.brightcove.net/1317241590001/default_default/index.min.js
IP
2.18.173.25:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
113 kB (112619 bytes)
Hash
17c587f03cae5f6efdd68553a9e5a267
23187e28326aba9754c17c40b2f298ac61627d1b
4584ee27c422cb9720b72528671dc036e01f37b7baa9471bc1c9800babbecd2c

HTTP Headers

GET /1317241590001/default_default/index.min.js HTTP/1.1
Host: players.brightcove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 112619
x-amz-id-2: 67OhGOGt29VU0S+HUUALb0LWHDcEbp5eeFkU9mFyEJsYJ80jw1Ely9pzSQ9WDSSOO9bICmso7DE=
x-amz-request-id: 2BM2KGQ19H2R64QG
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 27 Aug 2019 17:32:01 GMT
ETag: "17c587f03cae5f6efdd68553a9e5a267"
Content-Encoding: gzip
x-amz-version-id: kxoMNjsk74TqDku_pV2EDboTEDLATDw0
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Accept-Ranges: bytes
X-Served-By: cache-cph2320059-CPH
X-Cache-Hits: 1
X-Timer: S1663611770.284762,VS0,VE414
Vary: Accept-Encoding
X-BCOV-Response-Mode: 1
Cache-Control: public, max-age=300
Date: Wed, 07 Dec 2022 13:03:07 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *

rcu6.com/fonts/muli-v11-latin-700.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-700.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-700.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/muli-v11-latin-300.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-300.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-300.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Book.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Book.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Book.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Bold.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Bold.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Medium.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Medium.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/muli-v11-latin-600.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-600.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-600.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1

23.72.139.51

200 OK

14 kB

URL HTTP/2
www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
IP
23.72.139.51:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (45689), with no line terminators
Size
14 kB (14478 bytes)
Hash
1ee15309bb313a5479cf9d3c90953de2
0e1c797088d6be92035bff7e5495b3a953b5a6b4
a57d97a52e080f530b7c9e39563b957174720ed6c8b57a119321ad4f9b70b7bf

HTTP Headers

GET /Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "0f59ebaf2e3d81:0"
last-modified: Wed, 19 Oct 2022 19:41:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="1"
x-ua-compatible: IE=edge
content-length: 14478
cache-control: public, max-age=1609767
expires: Mon, 26 Dec 2022 04:12:34 GMT
date: Wed, 07 Dec 2022 13:03:07 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/index_files/index.min.js.download

45.133.200.3

200 OK

322 B

URL HTTP/1.1
rcu6.com/index_files/index.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
322 B (322 bytes)
Hash
55f45d358206ca31c4759defeea3be62
04c605b51629b94085bc2bd054b4e6c6989b2ffb
1c8581c1cc0ae1972eaf6022b377d3cb4c343f9c14d441376b1c546996685f51

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/index.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA

45.133.200.3

200 OK

42 B

URL HTTP/1.1
rcu6.com/index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/activityi.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA

45.133.200.3

200 OK

42 B

URL HTTP/1.1
rcu6.com/index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/activityi(1).html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

f1.media.brightcove.com/8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001

151.101.194.27

200 OK

51 kB

URL HTTP/2
f1.media.brightcove.com/8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001
IP
151.101.194.27:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
51 kB (51192 bytes)
Hash
4cc0c7dca6a70b838f366f14bbf0e7af
145e954f96c3bc3f7cf9fe5f4bfdaa55e0a698a1
3ac85f38c5f9ae299a2dcbe4cac1af9f50baee5c25b2a392ff3136f299e2eb61

HTTP Headers

GET /8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001 HTTP/1.1
Host: f1.media.brightcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
etag: "4cc0c7dca6a70b838f366f14bbf0e7af"
expires: Tue, 08 Nov 2022 16:37:09 GMT
last-modified: Thu, 23 May 2019 15:36:19 GMT
via: 1.1 72b77c557ac4c265c32d99bdef4e9d6a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD79-C3
x-amz-cf-id: qZydNnsGvqidKCtYzgMhSfDcUgLBlDLsk_Gn4shnzWqZkPbUjjlRRw==
cache-control: max-age=0
accept-ranges: bytes
date: Wed, 07 Dec 2022 13:03:07 GMT
age: 3097558
x-served-by: cache-iad-kiad7000060-IAD, cache-bma1636-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 152, 1
x-timer: S1670418188.863053,VS0,VE1
content-length: 51192
X-Firefox-Spdy: h2

rcu6.com/index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA

45.133.200.3

200 OK

42 B

URL HTTP/1.1
rcu6.com/index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/activityi(2).html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/site_10006663_default.js.download

45.133.200.3

200 OK

9.2 kB

URL HTTP/1.1
rcu6.com/index_files/site_10006663_default.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (22091)
Size
9.2 kB (9162 bytes)
Hash
be57db32f5a9906716069ada79401278
39bf1f856fe9be256d6ef27fb3ed413cfb1bd545
2a9ed68d31ad01792f47c0629170acf2568038cfcee438e0c4ddf95466d2738f

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/site_10006663_default.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

26 kB

URL HTTP/1.1
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
26 kB (25961 bytes)
Hash
a040dcbb9faf765953fd05e8b2bdeeef
10016b59d917c89dbca02bc5b55b5afb20b80fe8
740d169a17b5e6fb92006a4b13b324ac5be02f435dbe976e50112514a6a4fdfa

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 66005
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/ads-blocking-detector.js.download

45.133.200.3

200 OK

2.0 kB

URL HTTP/1.1
rcu6.com/index_files/ads-blocking-detector.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text
Size
2.0 kB (1970 bytes)
Hash
e477e07ecebd567560d3a7e266a67dd2
bdb9989c4513effa36e9fbb2c0b878f320864bda
211bd742e866fd7cd0c2d9a36828488440d2101c6bc5d1bffb5a1298a7c7cc1e

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ads-blocking-detector.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/tcFramework.min.js.download

45.133.200.3

200 OK

128 kB

URL HTTP/1.1
rcu6.com/index_files/tcFramework.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (3061)
Size
128 kB (128543 bytes)
Hash
39f26c933162aaa7bac78f69a67d5351
2fbbe92e185c575ac8e2f4b0c42a9b89060883e2
92008e8620273136d5083034149b2a1ad396bff9fb8fb254e043a317f27d3085

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/tcFramework.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/1.1
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:07 GMT
Content-Length: 66005
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=http%3A%2F%2Frcu6.com%2Femail-account.php&time=1670418186277

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=http%3A%2F%2Frcu6.com%2Femail-account.php&time=1670418186277
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=&url=http%3A%2F%2Frcu6.com%2Femail-account.php&time=1670418186277 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&44aef6e9-16ee-4e01-8724-0faff23141d1"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 07-Dec-2023 13:03:07 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2392:u=1:x=1:i=1670418187:t=1670504587:v=2:sig=AQGmfqtVCPSieOZynPgr6A7pP9chHnFd"; Expires=Thu, 08 Dec 2022 13:03:07 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXvPIq3kdpmChk6D0Felg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 059ED84484FB49FC9F261132624179DF Ref B: OSL30EDGE0505 Ref C: 2022-12-07T13:03:07Z
date: Wed, 07 Dec 2022 13:03:07 GMT
content-length: 0
X-Firefox-Spdy: h2

ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.1324820642312352&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2Femail-account.php

52.51.219.145

200 OK

243 B

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.1324820642312352&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2Femail-account.php
IP
52.51.219.145:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (316)
Size
243 B (243 bytes)
Hash
d4a1dc8f210082d2ada88ad1f7d9f068
7d1b2c31bdf727fb5b62590e516b980423774100
7cafd2268a89e81e8193a20519bc38ae8961907faaa3e5b3a0fd43f067e97867

HTTP Headers

GET /huntington/com/serverComponent.php?r=0.1324820642312352&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2Femail-account.php HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 07 Dec 2022 13:03:07 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 4ef5b810a61123a6a28e9f07ba613430.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: V2XrimjX3U5v_y4EkKpc4S8Htfw3NIjYsgJlekz3DJu6SD978U4fkw==
Content-Encoding: gzip

rcu6.com/index_files/postToServer.min.html

45.133.200.3

200 OK

17 kB

URL HTTP/1.1
rcu6.com/index_files/postToServer.min.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39265)
Size
17 kB (16806 bytes)
Hash
ad367688fdd81da80f221274b4553073
7f624729318cbd11a2ff1c2aca9c92e428d343dd
6879c6408488f39dedebccbbc67e548e6b11f79df2a951ae20cef7580ffffb7e

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/postToServer.min.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774

52.51.219.145

200 OK

37 kB

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
IP
52.51.219.145:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (557)
Size
37 kB (37292 bytes)
Hash
a61cd463438c91420b7c117a7b21adef
2633563d14f3066b5722b4c8582e94a1cee4f825
d3e0f8835f833c2533bb8e56c972208624e33d183959f310008840f74b69491b

HTTP Headers

GET /huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 25 Oct 2022 01:03:34 GMT
ETag: W/"5828bc2a2ceaa2961527eedaf4167b77"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 87c2f129ca002f6811a7e1d2fe8c6810.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: XLAf5DF_mWueOiLMCyKy84AuD6AU9mYx_soW8_tkiUV2n2rAx7xI2Q==
Age: 3754494

huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js

52.177.241.160

200 OK

2.2 kB

URL HTTP/2
huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js
IP
52.177.241.160:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
2.2 kB (2204 bytes)
Hash
f1c88dcc4062073fc324e637e750d94b
543189cfa5d45151b2a1d424ca15b29b9709415d
6a6635e86d62b6ef5b1ba11e946a382bac949c7d4ab8a1c6f64624cfaa5a9cf0

HTTP Headers

GET /tagserver/js/ads-blocking-detector.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:03:08 GMT
content-type: application/javascript
content-length: 2204
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
samesite: Strict
cache-control: max-age=3600
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND
etag: "Bm8GfGTnKlU"
last-modified: Wed, 30 Nov 2022 19:16:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2

huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

52.177.241.160

200 OK

2.0 kB

URL HTTP/2
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP
52.177.241.160:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1021)
Size
2.0 kB (1974 bytes)
Hash
6bb8153783efa9d79386ef1fd0b5d20a
b7b6f3bc8f05161166c883cedfba33d119761430
558588effb92606a76ebe3b5f006052f7021b461715225a613452546ab7e9995

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:03:08 GMT
content-type: application/javascript
content-length: 1974
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: no-cache
samesite: Strict
etag: "7LnUGa92njb"
last-modified: Thu, 01 Dec 2022 06:36:04 GMT
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.clinch.co/a_js/client_pixels/clq/script.min.js

95.101.10.90

200 OK

4.6 kB

URL HTTP/1.1
cdn.clinch.co/a_js/client_pixels/clq/script.min.js
IP
95.101.10.90:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (14797), with no line terminators
Size
4.6 kB (4567 bytes)
Hash
87474300d7f17748e3ed24b42d4bee2b
9d2c3a1f2b9cffdcb309ea2a2b13bed7b693042c
0388ad3b8fc80cfb336b71fabe7c01a2a8d8ff699fb448f4105a7d9ff5f680ef

HTTP Headers

GET /a_js/client_pixels/clq/script.min.js HTTP/1.1
Host: cdn.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: GOUPBDUqUrWxvP4/HKrzDYlrArfvlOmQz/pa4jdSpy+ixsYiakPlmO04sxkhp2bewI29qI1gmfQ=
x-amz-request-id: C4V9F73KCAC1YNPX
Last-Modified: Tue, 11 Jan 2022 12:52:46 GMT
ETag: "666e09028e21421106f9ecd0ceb1ddac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=28823357
Expires: Mon, 06 Nov 2023 03:32:25 GMT
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Length: 4567
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Access-Control-Allow-Origin: *

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.40

302 Found

252 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
252 B (252 bytes)
Hash
c911c6f4161cf68ee27d02ec0f268ff8
0bd040c44c96dd6b1b89613ffc4e48a0152eec95
c9fc67737c8a2913e73cf8ab458fbb11b1d39ea3302992eb0da094fe74954164

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=DC-10701487
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 252
X-XSS-Protection: 0

ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException

52.51.219.145

204 No Content

0 B

URL HTTP/1.1
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP
52.51.219.145:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 d8e6d5a84eb26ff3b7d1801d7337b390.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: -Dl3QpGCtX6E_iOx5zd91cxeDn1LkzuU2emw-r2p0VihvnXmqdOTaw==
Age: 33973

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
025aa37ca8ed1182853743ad63a8766a
37ab26de840c513085561490c1ddb2122d85fe40
dead6ae57c6700ba74d5107628983b595bc35275b32699ced82cc31d1979054c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1015
Cache-Control: max-age=138767
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Etag: "63900624-1d7"
Expires: Fri, 09 Dec 2022 03:35:55 GMT
Last-Modified: Wed, 07 Dec 2022 03:19:00 GMT
Server: ECS (amb/6BAC)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (44137 bytes)
Hash
896f41b8b7449fd549196fcb9257f5b8
9ba1694e9bbc578d73527740aaeb286f24246001
f2be904824b33888888e730677624b65ef4f4d25f403465f319647b94e9f444f

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rcu6.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 13:03:08 GMT
expires: Wed, 07 Dec 2022 13:03:08 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

95.101.11.57

200 OK

4.6 kB

URL HTTP/1.1
snap.licdn.com/li.lms-analytics/insight.min.js
IP
95.101.11.57:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12961)
Size
4.6 kB (4581 bytes)
Hash
c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Last-Modified: Thu, 17 Nov 2022 18:52:45 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=utf-8
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=52752
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Length: 4581
Connection: keep-alive
X-CDN: AKAM

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

s.yimg.com/wi/ytc.js

188.125.94.206

200 OK

5.9 kB

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
188.125.94.206:0
ASN
#10310 YAHOO-1

File type
ASCII text, with very long lines (16553), with no line terminators
Size
5.9 kB (5929 bytes)
Hash
2f6a1b8a4843f74a5ba54c055fcb3850
919a5f9166f3f9c73803cebd312ad016570a30d8
1b6439153633e4e2dc23c743e14218931c1b4912bc7a3ad64bfee1d2d6982f50

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: fjzEwHGyF8AGLzKe6fhX3epbioaOgGofty4+pfq9TxsZ8vJlMyXCsquDZ4CjDLGSlaaD9MC1psQ=
x-amz-request-id: 5QNAAYJ8RPMTQN1Z
date: Wed, 07 Dec 2022 12:52:58 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
content-encoding: gzip
age: 611
content-length: 5929
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013?

142.250.74.166

302 Found

0 B

URL HTTP/1.1
fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013?
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /activityi;src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013? HTTP/1.1
Host: fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:03:08 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: http://2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1944
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Last-Modified: Wed, 07 Dec 2022 12:30:44 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471

cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token

143.204.55.61

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token
IP
143.204.55.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/291554/domain/rcu6.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://rcu6.com/
Origin: http://rcu6.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Wed, 07 Dec 2022 05:55:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: accept, origin, content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SAeFxU0u7192GIhLfLkkHFQ6oq8bBY7vQTR5T4yClQslgTNNjysUow==
age: 25668
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
df9ee05cc140f619a69b770c388c33df
c07e052104e98a1176dd6512fc01b6075b4865a5
2d628f50fb563fcb6c30ad985277f59e0bdf4f240ecedfb3b1e5aa70aeae17d4

HTTP Headers

GET /gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
9a5925fe9faff42cc8390efdc5e2eff8
39ca642317be780d118d5ff62197921098af3e08
7e8b8a5e18a9d993d5b47ac50b123a45aba9d25df045d0b833dc7e552eb7079f

HTTP Headers

GET /gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
70c1096689fc71f2152ebe6c5c26cd78
06096e48d46a7e2cae7bc7a369ab729910f4473d
84dcca42231d9c3689703524bf60a2cca448645ee6559dbe43c9c0498efc391b

HTTP Headers

GET /gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
211253e14e3774c27f057fd79c6f3297
117ffcb6132283d4854b262e6d7bf74dc93333a9
1f8edff0043067941ef114cc6d71502f1bfb8dd829a3a61723d6fffc484cd577

HTTP Headers

GET /gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:03:08 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

connect.facebook.net/en_US/fbevents.js

157.240.247.8

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.247.8:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: n3QEHt7bbpq3N+itVEM8cqEBWb3f6R0tli7jNF3mYAbtQgmwAgN4hJCtng5L6BgE8rXAH3oRj79lrVWvk3ENfA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 13:03:08 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3432
Cache-Control: max-age=88998
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 13:46:26 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013?

142.250.74.38

200 OK

313 B

URL HTTP/1.1
2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (398), with no line terminators
Size
313 B (313 bytes)
Hash
bea4450dfdf33be276ce315f36885f75
492fb0ec7d54ea44d06ca107191e59ea67ff1b25
cda23c361eaf7c17a7022f691fe508384dfca5b9e165e34f1ab6e9eafe78fb25

HTTP Headers

GET /activityi;src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013? HTTP/1.1
Host: 2782440.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rcu6.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:03:08 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 313
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418188234&cv=11&fst=1670418188234&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

929 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418188234&cv=11&fst=1670418188234&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2029), with no line terminators
Size
929 B (929 bytes)
Hash
c577159f543704f8a4b334538e2ade01
da8045f5f835e2ed557e11aa3050e097c054a857
f4f6ee1c10fff71648d438837ae2144a5cff7fa85a04b26d6af484905c17f46e

HTTP Headers

GET /pagead/viewthroughconversion/849073348/?random=1670418188234&cv=11&fst=1670418188234&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 929
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:18:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418188296&cv=11&fst=1670418188296&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

929 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418188296&cv=11&fst=1670418188296&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2029), with no line terminators
Size
929 B (929 bytes)
Hash
cac9cb64c309ad63b4fda79ede983e9f
7b64bec87c7e4ca5b12c140465a199837a8c57f6
fcb4f59c29726d3f074b9d3a073b4709b97af6c2fd2da851239b6bbb5c879962

HTTP Headers

GET /pagead/viewthroughconversion/849063932/?random=1670418188296&cv=11&fst=1670418188296&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 929
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:18:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418188253&cv=11&fst=1670418188253&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

929 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418188253&cv=11&fst=1670418188253&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2029), with no line terminators
Size
929 B (929 bytes)
Hash
9c3e7993ce044fb1ce4d091f45bfadd9
a274a9697022189eed48a3883f692eafd9571318
82a584208835582579c323bf55ecc9bcf76f3979d4c6af258c0b5bcd6e4fe250

HTTP Headers

GET /pagead/viewthroughconversion/786635084/?random=1670418188253&cv=11&fst=1670418188253&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 929
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:18:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418188280&cv=11&fst=1670418188280&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

930 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418188280&cv=11&fst=1670418188280&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2027), with no line terminators
Size
930 B (930 bytes)
Hash
6bb889abb9bced399c3783aa6744447f
4d6fe6784909f1511f9818d751cde66067d6bdf7
0e455a2a7cb4c9637fc5b5b451322e09c63fe20bee2281b387562c0f95f9ee53

HTTP Headers

GET /pagead/viewthroughconversion/391028924/?random=1670418188280&cv=11&fst=1670418188280&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1366411838.1670418188&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 930
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:18:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2013%3A03%3A08%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Frcu6.com%2Femail-account.php&enc=UTF-8

212.82.100.181

200 OK

0 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2013%3A03%3A08%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Frcu6.com%2Femail-account.php&enc=UTF-8
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2013%3A03%3A08%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Frcu6.com%2Femail-account.php&enc=UTF-8 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:03:08 GMT
expires: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBAyPkGMCENrh0WWXqzCagHbTkGWzGTIFEgEBAQHgkWOaYwAAAAAA_eMAAA&S=AQAAAgximj5Zwl4a6ICqIGHv9BA; Expires=Thu, 7 Dec 2023 19:03:08 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/849073348/?random=1670418188234&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3081170071&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849073348/?random=1670418188234&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3081170071&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1670418188234&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3081170071&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/786635084/?random=1670418188253&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4080645455&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/786635084/?random=1670418188253&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4080645455&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1670418188253&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4080645455&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/849063932/?random=1670418188296&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3426566330&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849063932/?random=1670418188296&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3426566330&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1670418188296&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3426566330&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/391028924/?random=1670418188280&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=488170594&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/391028924/?random=1670418188280&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=488170594&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1670418188280&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=488170594&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

adservice.google.com/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013;~oref=http://rcu6.com/

216.58.207.226

200 OK

187 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013;~oref=http://rcu6.com/
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (397), with no line terminators
Size
187 B (187 bytes)
Hash
35d49d48457918596997d300278a3ad7
34b774647f112e479f0c1c4ea22d32e1a9a06460
7b5bd2c4650fec49e6807ba2500b32e6ec0a49fb078591d21ad36b9bc04532ae

HTTP Headers

GET /ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013;~oref=http://rcu6.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://2782440.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849063932/?random=1670418188296&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3426566330&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849063932/?random=1670418188296&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3426566330&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1670418188296&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3426566330&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Frcu6.com%2Femail-account.php&rl=&if=false&ts=1670418188458&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670418188456.1783746857&it=1670418188268&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=0a6beb69-d774-4373-af7d-2c4e04a2c31c&rqm=GET

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Frcu6.com%2Femail-account.php&rl=&if=false&ts=1670418188458&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670418188456.1783746857&it=1670418188268&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=0a6beb69-d774-4373-af7d-2c4e04a2c31c&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Frcu6.com%2Femail-account.php&rl=&if=false&ts=1670418188458&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670418188456.1783746857&it=1670418188268&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=0a6beb69-d774-4373-af7d-2c4e04a2c31c&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 13:03:08 GMT
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/786635084/?random=1670418188253&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4080645455&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/786635084/?random=1670418188253&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4080645455&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1670418188253&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4080645455&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849073348/?random=1670418188234&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3081170071&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849073348/?random=1670418188234&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3081170071&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1670418188234&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3081170071&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/391028924/?random=1670418188280&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=488170594&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/391028924/?random=1670418188280&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=488170594&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1670418188280&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=488170594&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4946
Expires: Wed, 07 Dec 2022 14:25:34 GMT
Date: Wed, 07 Dec 2022 13:03:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4946
Expires: Wed, 07 Dec 2022 14:25:34 GMT
Date: Wed, 07 Dec 2022 13:03:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8438 bytes)
Hash
e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 54568
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7392 bytes)
Hash
c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 35247
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 16217
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4946
Expires: Wed, 07 Dec 2022 14:25:34 GMT
Date: Wed, 07 Dec 2022 13:03:08 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4946
Expires: Wed, 07 Dec 2022 14:25:34 GMT
Date: Wed, 07 Dec 2022 13:03:08 GMT
Connection: keep-alive

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 58414
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8579 bytes)
Hash
a0f0782df385287698881f1c19e79b96
5a25f245b594f6cbf2fdaeed2463ac5fbc08068a
4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
age: 54349
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
8055d0db573ab34924db3b60ed788bb2
a4aae05e7a929fc7f652f56748d2a2da9c44ac45
f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvUHhJIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2yTSxwlKkHX-ZwkVhDJeZH9E_RRAHeyZg0GmOZC5Vyqyr_Sw9rtZyQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:49:13 GMT
age: 54835
etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013;~oref=http://rcu6.com/

142.250.74.162

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013;~oref=http://rcu6.com/
IP
142.250.74.162:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=4635590028193.013;~oref=http://rcu6.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:03:09 GMT
expires: Wed, 07 Dec 2022 13:03:09 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4cb0899ff5029a3739664c2d55c9a85f
1b008758609e70da320831d496919157839fec7f
ff5a950b0f255d4c0284773cac7b07f3c772f02cc3283c3611a1cb9ab9e4d4dd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FF5A950B0F255D4C0284773CAC7B07F3C772F02CC3283C3611A1CB9AB9E4D4DD"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16654
Expires: Wed, 07 Dec 2022 17:40:44 GMT
Date: Wed, 07 Dec 2022 13:03:10 GMT
Connection: keep-alive

mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2Femail-account.php;visitID=VBYUAJAUEZSAPUJTJLZKPVQSVVHJNIDT;app=0bd76d7cc9264013;end=1

100.24.162.178

200 OK

28 B

URL HTTP/1.1
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2Femail-account.php;visitID=VBYUAJAUEZSAPUJTJLZKPVQSVVHJNIDT;app=0bd76d7cc9264013;end=1
IP
100.24.162.178:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

HTTP Headers

POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2Femail-account.php;visitID=VBYUAJAUEZSAPUJTJLZKPVQSVVHJNIDT;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1263
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:03:10 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957

34.203.147.81

301 Moved Permanently

134 B

URL HTTP/1.1
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957
IP
34.203.147.81:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 07 Dec 2022 13:03:11 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://trk.clinch.co:443/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957

34.203.147.81

302 Found

0 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957
IP
34.203.147.81:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rcu6.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:03:12 GMT
content-length: 0
location: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957&try2=true
server: clinch
set-cookie: clinch-sid=65d7e0f2-dcb1-4d2c-ae9f-fb99046b684a; expires=Sat, 07 Dec 2024 13:03:12 GMT; domain=clinch.co; path=/; secure; samesite=none
X-Firefox-Spdy: h2

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957&try2=true

34.203.147.81

200 OK

79 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957&try2=true
IP
34.203.147.81:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
79 B (79 bytes)
Hash
70c92fdbfdaad0989a68617939cf615c
4cc7e0778377d6e89b665e1741c798b9df21693a
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670418190957&try2=true HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rcu6.com/
Connection: keep-alive
Cookie: clinch-sid=65d7e0f2-dcb1-4d2c-ae9f-fb99046b684a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:03:12 GMT
content-type: text/html
content-length: 79
server: clinch
cache-control: no-store
x-robots-tag: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2

ocsp.godaddy.com/

192.124.249.23

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.23:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
86476fbd753267ea2ee3851675410160
977e0b791ee980544ba9ec54b572d7fa845ed620
a38bdc3f0d807964940714cfd06d8b98e83256f8fa0418409c3fee0493fe4797

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 13:03:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19023
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 20:06:23 GMT
Expires: Wed, 07 Dec 2022 20:06:23 GMT
ETag: "977e0b791ee980544ba9ec54b572d7fa845ed620"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

100.24.162.178

200 OK

28 B

URL HTTP/1.1
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2Femail-account.php;visitID=VBYUAJAUEZSAPUJTJLZKPVQSVVHJNIDT;app=0bd76d7cc9264013;end=1
IP
100.24.162.178:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

HTTP Headers

POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2Femail-account.php;visitID=VBYUAJAUEZSAPUJTJLZKPVQSVVHJNIDT;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 21709
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:03:14 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28

rcu6.com/index_files/121543311796381

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/121543311796381
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/121543311796381 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Length: 178273
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/js

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/js
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/js HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Length: 81640
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020

35.186.193.174

200 OK

0 B

URL HTTP/2
media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020
IP
35.186.193.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/tcFramework.min.js?codeVersion=1587584821020 HTTP/1.1
Host: media-lax1.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
date: Wed, 07 Dec 2022 13:03:08 GMT
expires: Wed, 07 Dec 2022 14:03:08 GMT
cache-control: max-age=3600,public
last-modified: Tue, 26 Oct 2021 00:24:18 GMT
etag: W/"61774ab2-f2eab"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token

143.204.55.61

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token
IP
143.204.55.61:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/291554/domain/rcu6.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Wed, 07 Dec 2022 12:02:55 GMT
access-control-allow-origin: *
cache-control: public, max-age=30642
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: W8FiqphO8wsEK1f7OFLaC3u6IQnpEXelYyX2MoH8H4a0Q5cngz9PEA==
age: 3613
X-Firefox-Spdy: h2

rcu6.com/index_files/121543311796381

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/121543311796381
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/121543311796381 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/email-account.php

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:03:06 GMT
Content-Length: 178273
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (51)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations