Report - rcu6.com/

Report Overview

Submitted URL
rcu6.com/
IP
45.133.200.3
ASN
#200313 WEB_GroupInternet INC
Submitted
2022-12-07 13:02:34
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Huntington

Detections

urlquery
34
Network Intrusion Detection
0
Threat Detection Systems
158

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	8.4 kB	142.250.74.131
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	573 B	867 B	142.250.74.130
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	649 B	349 B	157.240.247.35
rcu6.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	25 kB	1.7 MB	45.133.200.3
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	824 B	13.107.42.14
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	7.4 kB	142.250.74.34
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	365 B	29 kB	157.240.247.8
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	566 B	1.1 kB	142.250.74.98
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.36
players.brightcove.net	3805	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	113 kB	23.38.201.31
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	48 kB	142.250.74.40
f1.media.brightcove.com	21505	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	478 B	52 kB	151.101.194.27
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	2.3 kB	142.250.74.67
www.huntington.com	56151	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	571 kB	95.101.10.201
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	292 B	5.0 kB	23.36.76.121
huntingtonbank.inq.com	92998	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	778 B	5.3 kB	52.177.241.160
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
trk.clinch.co	5423	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	1.2 kB	34.195.84.81
media-lax1.inq.com	41901	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	402 B	35.186.193.174
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	6.3 kB	93.184.220.29
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
s.yimg.com	375	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	927 B	87.248.119.251
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	942 B	937 B	143.204.55.71
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	2.3 kB	142.250.74.132
2782440.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	895 B	142.250.74.38
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	574 B	919 B	212.82.100.181
mef957.dynatrace-managed.com	107553	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	167 B	100.24.162.178
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ensighten.huntingtonbank.com	91425	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	39 kB	52.51.219.145
cdn.clinch.co	7154	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	377 B	5.3 kB	23.36.79.32
fls.doubleclick.net	436	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	449 B	635 B	142.250.74.166
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.94.191

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (46)

	URL	Size	First Seen	Last Seen
	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-12
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:40 Last Seen2023-03-12 12:54:15 Times Seen1 Hash 795b6295a518e0a829d7b29695163231 9cada4433e63280a008cbb0a2a0bdb5af5e57206 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c Loading...

	www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c	139 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 471eafd64b0e218e72962b9e410e51b5 2b4e0a55be14d59a43505c0fb48c010c76e45073 fc82d437b41d3965bdbaa3ae189eab249d8222d81c14d1f48c14a1d174422244 Loading...

	rcu6.com/index_files/oo_engine.min.js.download	46 kB	2023-03-07	2024-04-08
Pretty URL rcu6.com/index_files/oo_engine.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen402 Hash 3023bde795e4926691e3691ace0d9356 053c86b53ec7bca624cffc3f6321697d35a1c5d5 1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5 Loading...

	rcu6.com/index_files/site-survey.min.js.download	7.5 kB	2023-03-07	2024-04-08
Pretty URL rcu6.com/index_files/site-survey.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen286 Hash 374ca92abaa98bc7b2f19fe64114a18b 4c0a1441026a9337d322d7ae5536df1427e5c140 7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806 Loading...

	rcu6.com/	33 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/ IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen15 Hash e5e346b7bab3e6cbcc9cec9c13bc5265 2ca39bf886a2e43e3a0f359e23d30e6b455a0cbf e9a021db128b1e1ebe14644b30f6aeed04690a07b3c1fc363871cbceaf3ce53d Loading...

	rcu6.com/	962 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/ IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen14 Hash 77d0938da96815782fe5ea7b037129d3 0798a7f4f0ab7c834499c69fcddc6e1ffc9d6637 97ac02eff2faf4bbfcfd9bc16f4f3b1c5836df34babfb45aef33a7a7bec8d177 Loading...

	rcu6.com/index_files/dest5.html	6.7 kB	2023-03-07	2024-03-23
Pretty URL rcu6.com/index_files/dest5.html IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	rcu6.com/index_files/postToServer.min.html	21 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/postToServer.min.html IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:54 Times Seen4 Hash c085cf73585c899d85a8653134613840 009b32136dac55f29f950cbae540a73d0ba4bf97 e5127d3ed0290f036795e20be1aa49369c0875d4b869f59573a4c20687cd17d7 Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c	183 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 41535f0a1dea2ced3fc1f8c21abb5790 fc6b5ae0e7e33a55f4bb39772661ef1da5122147 5bf6eeccf4ec2d34df1383d1ffb212b56b9ca7f3b299d3aad842f684f50a222d Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418144769&cv=11&fst=1670418144769&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418144769&cv=11&fst=1670418144769&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 286d80389e2cc368358e395ce1e9c3a6 a91477405321fd7b345a5744d06d8ba4f364578d 88e34381fe8a48360c367477b14c5d27609b1ee9ad22892b522b851d45a31a9d Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 23:03:12 Times Seen36968026 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	rcu6.com/index_files/site_10006663_default.js.download	47 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/site_10006663_default.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen9 Hash bca24f1cd01f6281d6996ab7b9ccdfbe a08946199e8080b84a5f204323687a93cb416ee1 fe650baa63a09a5aa5b59475f20f6efd77aa359947779e5ec6f9ea9a3f0d4b3a Loading...

	cdn.clinch.co/a_js/client_pixels/clq/script.min.js	15 kB	2023-03-08	2023-09-14
Pretty URL cdn.clinch.co/a_js/client_pixels/clq/script.min.js IP 23.36.79.32 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:58 Times Seen111 Hash c12dd0f8c53c6d8f8a5c845a2f892307 5e880be41d047f1b7754e93e8a44347d28482702 b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b Loading...

	rcu6.com/index_files/ytc.js.download	14 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/ytc.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen5 Hash 262ad28777cd04301eaf1ed832269103 011e8f00197647efcc835622a0b327e6e7b07b07 5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582 Loading...

	rcu6.com/index_files/bat.js.download	25 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/bat.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen5 Hash ad2da5f478b3ca25fc283c8039946a04 9dabae74978709f503e77ef81fbc8cfd367b8f25 079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3 Loading...

	rcu6.com/index_files/inqChatLaunch10006663.js.download	23 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/inqChatLaunch10006663.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen13 Hash fc28fe7671857c8fc6af5c725b6efa65 2602647796aa238b5a5f145e0f6892c2bad94e84 86598506c865db230133e34b3dc2d011e7877925d0a0b91389cddc518a166828 Loading...

	rcu6.com/index_files/vtt.global.min.js.download	21 kB	2023-03-07	2024-03-21
Pretty URL rcu6.com/index_files/vtt.global.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-03-21 22:59:09 Times Seen552 Hash f30dac97e5c2aaa10a7695b93cc66699 50c71ce19b49160495729339b0f15246120864b6 aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d Loading...

	rcu6.com/index_files/ads-blocking-detector.js.download	6.9 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/ads-blocking-detector.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen9 Hash c0fb71d6f96440d1598b1f107a3d3317 0250d4eb5724b38ecb8f16e5ea571cce6b192b04 4b77972fc8b4afea3b15a7fe4fed727fc80a5253ff8b04ec09082e2f6e5248e5 Loading...

	huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js	7.6 kB	2023-03-07	2023-04-13
Pretty URL huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js IP 52.177.241.160 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-04-13 23:00:32 Times Seen2 Hash 6904d7c5c142b5f9a02e58e1a1417087 500042b9f8aa2c337fdcfa34862070770a181556 e762c7b3f6e4d3d97cfe0ade7dcb8b91c9ff85f57f9e7885fa42626c71c7b092 Loading...

	rcu6.com/index_files/insight.min.js.download	3.6 kB	2023-03-08	2024-04-04
Pretty URL rcu6.com/index_files/insight.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2024-04-04 05:53:28 Times Seen29 Hash b51baa8e9e038597c2cbf9049c3270c6 10d9ab6b0c3fdb3fba54fa31ad200d8423366d1b 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Loading...

	rcu6.com/index_files/jquery-3.4.1.min.js.download	88 kB	2023-03-07	2024-04-19
Pretty URL rcu6.com/index_files/jquery-3.4.1.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-19 20:57:43 Times Seen95065 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774	145 kB	2023-03-08	2023-09-14
Pretty URL ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 IP 52.51.219.145 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:59 Times Seen150 Hash 5828bc2a2ceaa2961527eedaf4167b77 166d54624e012273fa58054d82c8148435c6f51f d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28 Loading...

	huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js	5.1 kB	2023-03-08	2023-03-09
Pretty URL huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js IP 52.177.241.160 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-09 02:16:59 Times Seen1 Hash 609fbd6bc0fe3ebbbdb1ce590758d2d3 b731b656d04768b94532edaf1dc67038a3fa583e da65d01dbbfda64a874f36dcc9c6ac3e1a053a21abe17aa0570c74367d615338 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418144747&cv=11&fst=1670418144747&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418144747&cv=11&fst=1670418144747&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 89891d5e2ace721232a310694b1293de b7085f898315551317e0e15ecd9391333a790868 de4988db19377396ecf2cbb8e0431c7138b872cc453b6037fd7eca5eba56fd8f Loading...

	rcu6.com/	146 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/ IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen14 Hash 4a7e15e261408d827197577b1747386e 1480fff1e160c567a9e06c781428cdd108916af9 38e339b1ebb43ce74fc52054456dacd2e38249d4d263aa60bb8ff854699c9b52 Loading...

	connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-11
Pretty URL connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-11 20:42:53 Times Seen1 Hash 0871748edaeca245b413b140745b18e6 7d55633063ffaaea4ea403ac58142d016c8c1608 ac3f21acfd8eaab2ff1f00ea04f14be82266b0079e83a78770a10edeaacb499c Loading...

	rcu6.com/index_files/chat-fab.js.download	20 kB	2023-03-07	2024-04-06
Pretty URL rcu6.com/index_files/chat-fab.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2024-04-06 05:55:00 Times Seen247 Hash 2fb85e01b38ec473bd67a3ec442d9486 c3c6b95da9c8242f31cd0f3eb1399ca789f47ff7 bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e Loading...

	rcu6.com/index_files/outdated.min.js.download	1.1 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/outdated.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen5 Hash c4ad5eca721cb2b662e55dc580893018 ed014d7db09aa41b8ff65728557436519e3a8aed 680fdb61543dbbef02c4f988dcf5c5960fc9506f5cb1a3097737a2f0ea980e32 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.247.8 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418144691&cv=11&fst=1670418144691&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418144691&cv=11&fst=1670418144691&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 5c3d534a1bd7026fe1d73915a4efec45 d9b420b8191033c7577dba4345a5d60fdc66d208 12da5e18514f32d3b0bb702d62b5457bae38bb958d61702441915e6685a3f45f Loading...

	ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.7245458438279806&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2F	317 B	2023-03-08	2023-03-08
Pretty URL ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.7245458438279806&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2F IP 52.51.219.145 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 5c4b38349fd25358a0e511ccf40b52bb af3039db9dc7af687176d71f86bac6b561d1b3b7 dc880795477449cd5d1c1abe2762e9f9746a7d2f74acdbf2346a3316637ae0e5 Loading...

	www.googletagmanager.com/gtag/js?id=DC-10701487	113 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=DC-10701487 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 77640a5990e902ee37148002df38017d 4d7c02fe0e85a46a104a95497b25ebe7dc756f7b b3f55dba1349bb85ea5a7ffbff18a9cf2e38fc12be95dce75b4ab4440a079f23 Loading...

	www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c	138 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:15 Times Seen1 Hash 6112575bd5ecbd7c0744464793141cf8 3bf1f00b3ce996e9eebdd71c4e3d1af2ee94a649 d51f045c62a4414db4e8270ec526b53bb649ea2c31757c7ff4c2cd6d1f1df7cd Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418144713&cv=11&fst=1670418144713&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418144713&cv=11&fst=1670418144713&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.34 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:52:12 Last Seen2023-03-08 20:52:12 Times Seen1 Hash 61f086a9a82b60751fefd596402a7189 5df376a7f3d22286a8964385e0a3e7ed38e393e4 16f60cf3fa1c75ac7622a568f245c48e164ba47a0bf58963572463e432870e7f Loading...

		Size	First Seen	Last Seen
	#1 Eval - 2ee58accb196af11debb695dc1b27a4d	20 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2ee58accb196af11debb695dc1b27a4d 683d57f49ae989c9bd8d09f9e6ca1c483010cc61 1ad74da51608a5830dc65b73a416e1182289e1e46f653e798c02b22f53d09e11 Loading...

	#2 Eval - 7e39ed720ec93e5fad95e53d0dcdfaa1	18 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 7e39ed720ec93e5fad95e53d0dcdfaa1 d1e532e06d343982612146fe96f2ed1023d547fa f152bee9780f82664f1561f59d4cfb7a8aa6490e08066899276dda831b3f3b53 Loading...

	#3 Eval - 561c579b1c992ddb6df4c14838c2f30c	22 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 561c579b1c992ddb6df4c14838c2f30c 76b6af2bdf3d11eb093a8d14bd665ba4f38638d9 594d5abbc9f4e285b8be7425b07db97f9c6306c800d8072081a003080ebd429f Loading...

	#4 Eval - 16434cb1948736e604365f82624577ee	23 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 16434cb1948736e604365f82624577ee 3bf3a89283ad989c0486bd7d04215d7adbdab884 ff00ecc4d338e97894d9afc638f3184b3ecab052c80d6b3377fbabe6afe3d71f Loading...

	#5 Eval - 2a8c58d31bff121aa3907026a152d737	28 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2a8c58d31bff121aa3907026a152d737 dcaa941e42ee5547ee017d615d309e59b1b57947 8a96d5c96f7c639f2c3d3fb2f4dc0da580f54d5e191f4674380da731e871bf1b Loading...

	#6 Eval - 02ca0a2b7dfe6ef50e45811e6139a0aa	30 kB	2023-03-08	2023-11-11
Pretty Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:55 Times Seen5 Hash 02ca0a2b7dfe6ef50e45811e6139a0aa 9ef378dd36388f1c5d527e4115a9ee804509824a 400dc27c5435c3ac3a33555c05ac84a993101f38b3c96ae17547026c1358152c Loading...

	#7 Eval - f235f34bea1f47d8e0018be4d63b325e	16 kB	2023-03-08	2023-11-11
Pretty Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:55 Times Seen5 Hash f235f34bea1f47d8e0018be4d63b325e b1835f5dc561a4c105bee05e6baa185a026c4828 44e8e2163cdbde2338d98ff05168f6c7f5d14796b2f8c39e94715fa766300dee Loading...

	#8 Eval - cf868d8d47b14a245d9dd5763458f791	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash cf868d8d47b14a245d9dd5763458f791 41f2d7008670a86e5fba13ce3d67231b3fb55cfc 92b445b1a5af92ca2a9349d1a8237ad3cdb081b4d6388a7e99f35593c23be6bb Loading...

	#9 Eval - 4edafc01dee4d31d150f7eef22cde69b	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 4edafc01dee4d31d150f7eef22cde69b 4e2cd90a697c35a575ce06ca65884193602962a0 a9a4ed8860c1ea2527c90e6bd39985850fd4a2627faad24560b2f3d877ea08d8 Loading...

	#10 Eval - 662e2bc9ea40f7815fc14ec2384c8151	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 662e2bc9ea40f7815fc14ec2384c8151 85490b4fc3e79b718bee28aad635cdbf0a709ca6 3d151b0dcd0bd79e4e6a5ae0535d85337c94a8f5c9447fb13974d4f75e5ca361 Loading...

	#11 Eval - f0bcb6054760742619dd8232ef3c0a10	15 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash f0bcb6054760742619dd8232ef3c0a10 5a6da0191a9465a2060a531f8670dba8ec1de60b a86a4ccc459fd4c19c3bc96fc9d54597c33198af95ec665dfb7e729c53ba3c2e Loading...

HTTP Transactions (184)

URL IP Response Size

rcu6.com/

45.133.200.3

200 OK

77 kB

URL HTTP/1.1
rcu6.com/
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (65462)
Size
77 kB (76886 bytes)
Hash
a8b2aa176887220b1e750b809899fc0c
366df89b07c0c3234b121913dfafc30eda932398
dacffbd7c637273ee0dc1e20ec5bc69d16c69ed38bdbd6474cc26f09e8ec34f7

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET / HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12498
Expires: Wed, 07 Dec 2022 16:30:40 GMT
Date: Wed, 07 Dec 2022 13:02:22 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
aaee4cb7873d6f1effbadf269482e100
bd55730ac8414fb6861b03c2a97319b4063e2cb9
d724fd9c5704fb8948d575357cad0032e89cf275d57ddb86f013fa97e033487c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2419
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:22 GMT
Last-Modified: Wed, 07 Dec 2022 12:22:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13684
Expires: Wed, 07 Dec 2022 16:50:26 GMT
Date: Wed, 07 Dec 2022 13:02:22 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 12:20:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2514
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ZAnQP6GlVMV0YxBfd2P6y2+AKsmLe0kMiM6IpZjy2WMrwZwLnApAAzqz4yBL4H939HNMFj0u9Ac=
x-amz-request-id: NN7Z4FR5MPKQJ5H1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 12:49:22 GMT
age: 780
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:02:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

rcu6.com/index_files/f.txt

45.133.200.3

200 OK

11 kB

URL HTTP/1.1
rcu6.com/index_files/f.txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2178)
Size
11 kB (10707 bytes)
Hash
9e120391b1445bfc8a515e6b89afe3f5
11bdbb0d38fd31061215db952d2582c213993a41
47267bd2d5fe706c248b9dc9c661700103a5f6006dd96f08a6c32e237b60ea8b

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f.txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/insight.min.js.download

45.133.200.3

200 OK

1.6 kB

URL HTTP/1.1
rcu6.com/index_files/insight.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (3577)
Size
1.6 kB (1576 bytes)
Hash
7bdf4661ce6abab2120ac346a3612058
dff1fe656645628e794209c01739ee5e95336999
886930d0ea428223e0f94506b4b58fc4a6f0f5906e30054b237e0197dcd79214

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/insight.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/ytc.js.download

45.133.200.3

200 OK

5.4 kB

URL HTTP/1.1
rcu6.com/index_files/ytc.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (14425), with no line terminators
Size
5.4 kB (5402 bytes)
Hash
5c22659ed572937e05833727e8f4a584
67bd23ee9158220d50843d0029704e672eb2405e
6c59667107d6b44e35ea0fcb09cb683262c17d4af67967b7c9425b81e6cbcc43

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ytc.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/bat.js.download

45.133.200.3

200 OK

7.7 kB

URL HTTP/1.1
rcu6.com/index_files/bat.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (25365), with no line terminators
Size
7.7 kB (7676 bytes)
Hash
b09794b457be07c7414b263198776b11
67741bdf8ce97757272f34917aab475b768d8deb
1389ff7051cdea2115d27f4313999891bad03e6287fe3ef1ef07ac4e0057cea3

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/bat.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/serverComponent.php

45.133.200.3

200 OK

245 B

URL HTTP/1.1
rcu6.com/index_files/serverComponent.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (317)
Size
245 B (245 bytes)
Hash
a7309779c48b334d766b986aecf5cddb
714a41e74edf262392c590e60e6eef99869d307a
49fd8d1bdd49f9207bc8dfe11bbd93dbaebd3b51218a2e294786703797a6554d

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/serverComponent.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/fbevents.js.download

45.133.200.3

200 OK

55 kB

URL HTTP/1.1
rcu6.com/index_files/fbevents.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (41711)
Size
55 kB (54810 bytes)
Hash
79684b2fc18c6e003d0747a1b66b4794
80db7f5cc9bbd1510129549f9868431dec1f37f7
73e953dbffd99e765effdc6a94c2440dc573004340b31acf084b613d032a4de6

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/fbevents.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download

45.133.200.3

200 OK

62 kB

URL HTTP/1.1
rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1626)
Size
62 kB (62219 bytes)
Hash
141e11e309fdb988e32be71c7da45987
11cb014f0425fb9a168965b561d23c41fca35592
fb615084208716c4da546de3239500033d961cec32a78c15d5c79c5f8b7a84c4

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download

45.133.200.3

200 OK

29 kB

URL HTTP/1.1
rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1076)
Size
29 kB (29432 bytes)
Hash
be01d01f9f9f3c93343e51b5896c4a35
76460ba4d0a3f22736272ca0290d0abb423ead81
6d2f6cf60b985bde6202c5730039e6171a6513a3f2bf969cfebe2c355ec22d15

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/82154ef468aff3ad267e57006a5dd605.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/5151e22e

45.133.200.3

200 OK

33 kB

URL HTTP/1.1
rcu6.com/index_files/5151e22e
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19024)
Size
33 kB (32829 bytes)
Hash
0efa0e41898f378d45b2e935e65175ce
8c4205a8e2286045d4d6af9403025b658c538e1a
1d4cab71cdc96860f4a8e41483bba4d5ec05b02a68244c77750207d799210fcf

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/5151e22e HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 32829
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/jquery-3.4.1.min.js.download

45.133.200.3

200 OK

31 kB

URL HTTP/1.1
rcu6.com/index_files/jquery-3.4.1.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65451)
Size
31 kB (30908 bytes)
Hash
70ae57c52553459fc7e2740d86e28d43
905b3ee7cd29abbfbd21bd4e48a0de2890e8e5c3
5663ddb0bccc63ab7f656836cc2224cca38d7466a38b64ae5b1e758615821778

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/jquery-3.4.1.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/site-survey.min.css

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/site-survey.min.css
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (4339)
Size
1.1 kB (1135 bytes)
Hash
63d09db2bd679641083c0aff8ab3b1b4
d79dba31f3f0bf25b02f2839996f97e50878284f
d3e564ec855a3d8a6cad6a96c725ed3a4770325088ccb3b5c14afaf86c749d50

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/site-survey.min.css HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Fri, 06 Jan 2023 13:02:23 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/inqChatLaunch10006663.js.download

45.133.200.3

200 OK

6.6 kB

URL HTTP/1.1
rcu6.com/index_files/inqChatLaunch10006663.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (999)
Size
6.6 kB (6573 bytes)
Hash
ebf4fde85513ce8f6dd823229e359678
ec2f7158af412839444a6069f097c305ddb01e40
9dd203fdfe9e9acfd94546df79c1d54a8434941ed970bfced93fa9bfb70ae256

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/inqChatLaunch10006663.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/toolkit.min.js.download

45.133.200.3

200 OK

129 kB

URL HTTP/1.1
rcu6.com/index_files/toolkit.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
129 kB (128559 bytes)
Hash
8dfbd062ffedc4751e66f8ca2284598a
c86069c6826c6f66fffc09eb4177818413f87253
a08eb6d8b098f1eb960a8c7dd27fff5360be997800d7a18f68005f2f5515347d

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/toolkit.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/oo_engine.min.js.download

45.133.200.3

200 OK

12 kB

URL HTTP/1.1
rcu6.com/index_files/oo_engine.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (45689), with no line terminators
Size
12 kB (12307 bytes)
Hash
e45837c55805cce944b422746f556a39
1ea5a420c8e0612b3513679af7cee0d87d6afe2e
37bfd875914b6d2c2a9b20ffac4aa1c09d2bf689f6112e99bbfc7d053be572d0

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/oo_engine.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/index.min.js.download

45.133.200.3

200 OK

114 kB

URL HTTP/1.1
rcu6.com/index_files/index.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
114 kB (114079 bytes)
Hash
91f992f5af0a5c4dd8b9cba70a278291
4e7687d6619da7d59a4260bdc3d7b496510c7b67
e516f9b83f9f8669f50d294b13d125c6356b3877e99317d52541f8f52ec1b431

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/index.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/f(2).txt

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/f(2).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2363), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
17e4836ec326947f02ea476bdfe36e6d
cccd88b1907fa766f8ef708397ee968a6c22927e
db73f4b968037c9ba8ed7be2d42213db46107f13ae86ce255d55e6a5a7006266

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(2).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/chat-fab.js.download

45.133.200.3

200 OK

6.3 kB

URL HTTP/1.1
rcu6.com/index_files/chat-fab.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19644)
Size
6.3 kB (6323 bytes)
Hash
193ba8444b77f08b1eb325e0aee68745
aa0975262462a6960b234e579c28e53d03f1806d
2dd8bdb1439ebad9950f78a4adba3be7e2e9cfb9f83881a4deaf732c57417e73

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/chat-fab.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/outdated.min.js.download

45.133.200.3

200 OK

580 B

URL HTTP/1.1
rcu6.com/index_files/outdated.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1083)
Size
580 B (580 bytes)
Hash
1092d509c02f6352093dd0991fcd517b
f2b07135845174cc694d4b23cf721ee94c1a4298
cf92f08f9a232899bdf740305ee5fb5ded6374b783ca8e4859ea351f76c20dd4

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/outdated.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/site-survey.min.js.download

45.133.200.3

200 OK

2.8 kB

URL HTTP/1.1
rcu6.com/index_files/site-survey.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (7496)
Size
2.8 kB (2814 bytes)
Hash
fa7430e7735dcd145aecd7174b7bb6f9
fe6fe710c6d27cef3a68b39f8c956378761ffb5d
aa5f7e98e35aa5a4e7f9f682e9457e4f10de89444bd7754419178834cfa66a81

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/site-survey.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/1.1
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 66005
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/sp.pl(1).download

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/sp.pl(1).download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl(1).download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/sp.pl.download

45.133.200.3

500 Internal Server Error

662 B

URL HTTP/1.1
rcu6.com/index_files/sp.pl.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
662 B (662 bytes)
Hash
40f86d54cd7619752be6acca297bed90
240ba6fb3b28037daa0cd65ed2f84d359b9d9f73
eae6939a2208653cef791a2da52efc6cc46c7df04076fafba5d6f9b266554ef1

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 500 Internal Server Error
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 662
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 153
Cache-Control: max-age=130774
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:23 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 01:21:57 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 153
Cache-Control: max-age=130774
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:23 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 01:21:57 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6504
Cache-Control: max-age=137125
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:23 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 03:07:48 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9259f61309a35368d0f7ac74cc45f52a
f74c40f592ef73bae7e8061bc89a84a83a4c5d81
e08bc987aae3e4e1fc88f72faa077e7384541599895b6b4d1faeb9993e569a00

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 716
Cache-Control: max-age=131337
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:23 GMT
Etag: "638fea1c-1d7"
Expires: Fri, 09 Dec 2022 01:31:20 GMT
Last-Modified: Wed, 07 Dec 2022 01:19:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2

95.101.10.201

200 OK

20 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Size
20 kB (19712 bytes)
Hash
ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 19712
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1293310310", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1128062
expires: Tue, 20 Dec 2022 14:23:25 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/serverComponent.php

45.133.200.3

200 OK

245 B

URL HTTP/1.1
rcu6.com/index_files/serverComponent.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (317)
Size
245 B (245 bytes)
Hash
a7309779c48b334d766b986aecf5cddb
714a41e74edf262392c590e60e6eef99869d307a
49fd8d1bdd49f9207bc8dfe11bbd93dbaebd3b51218a2e294786703797a6554d

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/serverComponent.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/lockup.svg

45.133.200.3

200 OK

1.4 kB

URL HTTP/1.1
rcu6.com/index_files/lockup.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (3937), with CRLF line terminators
Size
1.4 kB (1420 bytes)
Hash
90002463cd647f45170da29025d307c8
0c4fab566cd4ef37c0e594d54fa8424f6a296d8a
f03472b08b791ca4ecbd74fe8efb0c1c928f80addb0d2d2441551b1169606ff9

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/lockup.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/oo_icon_retina_black.gif

45.133.200.3

200 OK

552 B

URL HTTP/1.1
rcu6.com/index_files/oo_icon_retina_black.gif
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 18 x 18\012- data
Size
552 B (552 bytes)
Hash
0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/oo_icon_retina_black.gif HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/gif
Content-Length: 552
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2

95.101.10.201

200 OK

19 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Size
19 kB (18636 bytes)
Hash
6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 18636
content-type: application/font-woff2
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1085110854", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1695149
expires: Tue, 27 Dec 2022 03:54:52 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/hero-mobile-woman-standing.jpg

45.133.200.3

200 OK

34 kB

URL HTTP/1.1
rcu6.com/index_files/hero-mobile-woman-standing.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 736x480, components 3\012- data
Size
34 kB (34344 bytes)
Hash
097569ac7ca97d9d6538a35d6ab28927
c39c33070b20c2f7d92866e4e915e65944d62766
330892c01cfa66bf7c89a67960cdb733ea6fe00cce8e5cd05df1f54ca5fe3f65

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/hero-mobile-woman-standing.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 34344
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2

95.101.10.201

200 OK

20 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Size
20 kB (19976 bytes)
Hash
3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 19976
content-type: application/font-woff2
etag: "0f59ebaf2e3d81:0:dtagent10243220606153550xoQJ"
last-modified: Wed, 19 Oct 2022 19:41:05 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1925847586", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1308140
expires: Thu, 22 Dec 2022 16:24:43 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/v-mobile-white-glasses-grn.jpg

45.133.200.3

200 OK

34 kB

URL HTTP/1.1
rcu6.com/index_files/v-mobile-white-glasses-grn.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, baseline, precision 8, 736x480, components 3\012- data
Size
34 kB (33545 bytes)
Hash
a0d1664331d8eb21ff5dee44dfa8f50e
6fe36cc3bb0fb70a92a0285a1b82b26d838f5371
2bb709222096c8b6748a66c23e1ba6fc88c0d1520425b0c7982b24be1eecada5

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-mobile-white-glasses-grn.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 33545
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/icon_arrow-simple-right-lightgreen.svg

45.133.200.3

200 OK

236 B

URL HTTP/1.1
rcu6.com/index_files/icon_arrow-simple-right-lightgreen.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
236 B (236 bytes)
Hash
ef60e363ad319ed80a9726e47dfb7fde
bdfd20cdabe3b80ebdf6f38528ea696af6ef9ee7
5c4c8971c0dbcb22c58ef1601a338af72af941e616da0b51a551a102582094ca

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-right-lightgreen.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/svg+xml
Content-Length: 236
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 12:11:20 GMT
cache-control: public,max-age=3600
age: 3063
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

rcu6.com/index_files/icon_arrow-simple-down-green.svg

45.133.200.3

200 OK

251 B

URL HTTP/1.1
rcu6.com/index_files/icon_arrow-simple-down-green.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
251 B (251 bytes)
Hash
f8c517c8e11bb3b923c3b40d5a97a558
aec1f36fbbce0c666d22e3111dc8cea51cd66d8a
205542c1a66e2af533470d79ab37d6dcceb6e62b3b0ed44dd28a185a009fa64f

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-down-green.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/svg+xml
Content-Length: 251
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/v-mobile-business-woman-standing.jpg

45.133.200.3

200 OK

26 kB

URL HTTP/1.1
rcu6.com/index_files/v-mobile-business-woman-standing.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 736x480, components 3\012- data
Size
26 kB (25812 bytes)
Hash
b8c9c25b56c5bc795c02895e55d00ab9
c9e7f5f939525f6dd6ae7abae39d5cb7b6eb40fe
13f5b82be3a4369ef637e7963b1b62af963de2e9087a6767df07c18356fc0d66

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-mobile-business-woman-standing.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 25812
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/icon_ENERGY_RGB_Location.png

45.133.200.3

200 OK

7.5 kB

URL HTTP/1.1
rcu6.com/index_files/icon_ENERGY_RGB_Location.png
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
PNG image data, 300 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size
7.5 kB (7543 bytes)
Hash
a58a87032c6c7175484ded7dcc54917e
6e00910f7b8d37f45918a7f20d5384e2e3ac363a
e4190662de958e1a2c8377c7ff106609da73fc394c8991ebd9ab81368e129b9c

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_ENERGY_RGB_Location.png HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/png
Content-Length: 7543
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/0

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/0
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/0 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/icon_arrow-simple-right-green.svg

45.133.200.3

200 OK

236 B

URL HTTP/1.1
rcu6.com/index_files/icon_arrow-simple-right-green.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
236 B (236 bytes)
Hash
c15fb067b96520fab546ea19cbdec4cf
6e12531154a8eae1ffd69a304adef6e36b7f7395
c02e4c11a4c75d01c124759b5c9e9ea61ab52faca11dacd13fd4f36b111c61d9

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-right-green.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/svg+xml
Content-Length: 236
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/jd-power-award-2019-mobile-online.png

45.133.200.3

200 OK

64 kB

URL HTTP/1.1
rcu6.com/index_files/jd-power-award-2019-mobile-online.png
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
PNG image data, 406 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64084 bytes)
Hash
8d223f884315d4a6cbe5ec5ae6e5d56c
e69f13b1a66d9bda11112758a50d2cd666a9624d
2f1795a79395cc96ae535538ae9dcd826f83e2f8b6d998dab5d122f5ec1594b5

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/jd-power-award-2019-mobile-online.png HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/png
Content-Length: 64084
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/west-broad-elementary-kids.jpg

45.133.200.3

200 OK

32 kB

URL HTTP/1.1
rcu6.com/index_files/west-broad-elementary-kids.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x308, components 3\012- data
Size
32 kB (32055 bytes)
Hash
dc55374efaafedc5193b9f4c57e8f1a1
3dd9bd8ce4d6ef2eb8cd882ed580d57fc6991393
0dab592cbf8f71bce76059647380cb6e82ecb8c96b0e2d45c271563af101da3f

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/west-broad-elementary-kids.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 32055
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/f(1).txt

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/f(1).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2481), with no line terminators
Size
1.1 kB (1091 bytes)
Hash
6f7f515205027a83b55900908b3d6109
696752d6d1f6558e29bfe47077fb00731dbf9f7f
96290b705666e12aa9dcdcb5d245674174382b0f4aa693b52affcc5a48ae2105

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(1).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/columbus-urban-league.jpg

45.133.200.3

200 OK

38 kB

URL HTTP/1.1
rcu6.com/index_files/columbus-urban-league.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x309, components 3\012- data
Size
38 kB (38135 bytes)
Hash
c387f7385b09799a1ed335ea997d838f
ef5c0a09094bcc0184b3445846146bfd844a880f
8dd84ba8c46c05c00cc9ee5ca020b95f976a0087cc3a70253bf3ff561ea66c3a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/columbus-urban-league.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 38135
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/5151e22e

45.133.200.3

200 OK

33 kB

URL HTTP/1.1
rcu6.com/index_files/5151e22e
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19024)
Size
33 kB (32829 bytes)
Hash
0efa0e41898f378d45b2e935e65175ce
8c4205a8e2286045d4d6af9403025b658c538e1a
1d4cab71cdc96860f4a8e41483bba4d5ec05b02a68244c77750207d799210fcf

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/5151e22e HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 32829
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/CML-hero-NEW-mobile.jpg

45.133.200.3

200 OK

173 kB

URL HTTP/1.1
rcu6.com/index_files/CML-hero-NEW-mobile.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=725, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1400], progressive, precision 8, 1400x725, components 3\012- data
Size
173 kB (172824 bytes)
Hash
91f8937c5225b661b1e8fa0c5a0906ac
4c507a0f9431e566dcb6a287d61e50870b99e2af
00fb13972a54aee58558dd11a63c70737a3462decfaa67606684f694b45b44da

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/CML-hero-NEW-mobile.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 172824
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/pelotonia-riders.jpg

45.133.200.3

200 OK

83 kB

URL HTTP/1.1
rcu6.com/index_files/pelotonia-riders.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 675x379, components 3\012- data
Size
83 kB (82993 bytes)
Hash
d0a3a0ddf6579ddb74b4aabe794c7273
a1402b31d2070f37f63b6b2ee9dd778683f38990
0fe72bc26a43b42874029da0f84022b13dc1c61915ed121ab03b6b3e0fa5b690

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/pelotonia-riders.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 82993
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/v-desktop-privatebank-man-on-chair.jpg

45.133.200.3

200 OK

151 kB

URL HTTP/1.1
rcu6.com/index_files/v-desktop-privatebank-man-on-chair.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x801, components 3\012- data
Size
151 kB (151142 bytes)
Hash
81deb151736e7ae75ea57e2085465344
04b2e330b890ad5eb654f50935ebeb2fba9e4f46
5964da57696a9334edd52b5b0d89c3489323d3174a716b1601c74afa042cd1ed

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-desktop-privatebank-man-on-chair.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/jpeg
Content-Length: 151142
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/EHL_Black_HouseOnly.svg

45.133.200.3

200 OK

362 B

URL HTTP/1.1
rcu6.com/index_files/EHL_Black_HouseOnly.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
362 B (362 bytes)
Hash
154fab8e5b522f196f0ee37531af9c86
ebe3f81861334d969b43620e2637dd3357870aa0
9020cc818e67a2cbd69bbcef14df9e2bbe1af307f6311e7604ae15a26355f0e2

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/EHL_Black_HouseOnly.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/logo-honeycomb.svg

45.133.200.3

200 OK

435 B

URL HTTP/1.1
rcu6.com/index_files/logo-honeycomb.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document, Unicode text, UTF-8 (with BOM) text, with very long lines (841), with no line terminators
Size
435 B (435 bytes)
Hash
1e8ab5050c6d9f1b254f92c9f9cb1842
4213f9baa531ca13becb8fac61701243474f9fc1
4d881d3e3a79ee19b069ba39938689bfca1f42c7fa47ecbe20fd2a390056e497

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/logo-honeycomb.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
Expires: Sun, 05 Feb 2023 13:02:23 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/0(1)

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/0(1)
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/0(1) HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 0
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/f(2).txt

45.133.200.3

200 OK

1.1 kB

URL HTTP/1.1
rcu6.com/index_files/f(2).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (2363), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
17e4836ec326947f02ea476bdfe36e6d
cccd88b1907fa766f8ef708397ee968a6c22927e
db73f4b968037c9ba8ed7be2d42213db46107f13ae86ce255d55e6a5a7006266

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(2).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/1.1
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 66005
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2

95.101.10.201

200 OK

21 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Size
21 kB (20592 bytes)
Hash
a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 20592
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-2003766400"
x-ua-compatible: IE=edge
cache-control: public, max-age=2032887
expires: Sat, 31 Dec 2022 01:43:50 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2404
Cache-Control: max-age=161071
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:23 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:46:54 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

rcu6.com/fonts/muli-v11-latin-700.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-700.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Medium.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Medium.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/muli-v11-latin-600.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-600.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-600.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/muli-v11-latin-300.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-300.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Bold.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Bold.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA

95.101.10.201

200 OK

5.7 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.7 kB (5672 bytes)
Hash
8976af11a2fb4ffb56c2de37d1501a5c
9131cc4c70a5f09777eca0163cfe001841f121ab
27f5c7ecff862d66273a687cd0193b65d06cc3ab748d76e885ae39b295df9d06

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: d2a2c6d72c0a4a7883edfc4fc924ad35
last-modified: Wed, 08 Jun 2022 20:23:36 GMT
server: Akamai Image Manager
content-length: 5672
content-type: image/webp
cache-control: private, no-transform, max-age=153838
expires: Fri, 09 Dec 2022 07:46:21 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157

95.101.10.201

200 OK

1.7 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 814 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1709 bytes)
Hash
e275909623f8a06dea733b9f50d68189
ee712255204c913c4adb9a2a9cd0f9ba9971ea8c
11c468e07fa0178954d85e2789a16c1c3d4d1b55ab5ca9f86f9f6512d1136b93

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 76a4f8542fb0448e94b8414051022b40
last-modified: Wed, 08 Jun 2022 21:50:39 GMT
server: Akamai Image Manager
content-length: 1709
content-type: image/png
cache-control: private, no-transform, max-age=156368
expires: Fri, 09 Dec 2022 08:28:31 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern2-flipped.png?rev=f4c179ded56e412d818b5d7e0f387ba5&h=544&w=1258&la=en&hash=0E38C798934E18F877D3B4F8BBC6FAA9

95.101.10.201

200 OK

14 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern2-flipped.png?rev=f4c179ded56e412d818b5d7e0f387ba5&h=544&w=1258&la=en&hash=0E38C798934E18F877D3B4F8BBC6FAA9
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
14 kB (14408 bytes)
Hash
ed356b3bede532165cb20ff1a100bf79
f1309cf6ed05e63704e4f63419807fc7764d76ea
db95aed35b2785ab0bcce9d4364fe30f6bd04f2d68cb3411f1cac43667d0e2d7

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern2-flipped.png?rev=f4c179ded56e412d818b5d7e0f387ba5&h=544&w=1258&la=en&hash=0E38C798934E18F877D3B4F8BBC6FAA9 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: ed53b70faaa446babf67dfa1dcd7dfe4
last-modified: Wed, 08 Jun 2022 20:13:40 GMT
server: Akamai Image Manager
x-serial: 1629
x-check-cacheable: YES
content-length: 14408
content-type: image/webp
cache-control: private, no-transform, max-age=151619
expires: Fri, 09 Dec 2022 07:09:22 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209

95.101.10.201

200 OK

48 B

URL HTTP/2
www.huntington.com/-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 10x10, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
48 B (48 bytes)
Hash
6cbb1156f106670a020e38cf19fcc217
1b7325891051a3dc891b704084a7df0f8579c37d
a26c2e015e5e7986a5f83c09da99d9a7ab04c42d650ac2a69d680538e82eb1dd

HTTP Headers

GET /-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 77183e5a07ca45fcbaf010bf53aff281
last-modified: Fri, 14 Oct 2022 11:49:17 GMT
server: Akamai Image Manager
content-length: 48
content-type: image/webp
cache-control: private, no-transform, max-age=471687
expires: Tue, 13 Dec 2022 00:03:50 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Book.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Book.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/-/media/hcom/home/hero/hero-desktop-woman-standing.jpg?rev=34ca651bbd8f449380a7acee07195f01&h=725&w=1400&la=en&hash=E39B564B743DD30363FE92C050337190

95.101.10.201

200 OK

26 kB

URL HTTP/2
www.huntington.com/-/media/hcom/home/hero/hero-desktop-woman-standing.jpg?rev=34ca651bbd8f449380a7acee07195f01&h=725&w=1400&la=en&hash=E39B564B743DD30363FE92C050337190
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x725, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
26 kB (25552 bytes)
Hash
bc049a02b66a93986c2a9498187e17ab
411717ffdb94a4f5c2f920c5edcce4953786585d
849746c610604a0369383783741fc01dc8ba1f5d52f3738521e25fab65eb58a7

HTTP Headers

GET /-/media/hcom/home/hero/hero-desktop-woman-standing.jpg?rev=34ca651bbd8f449380a7acee07195f01&h=725&w=1400&la=en&hash=E39B564B743DD30363FE92C050337190 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: ab69b6adf81f43d6a27d529587ff7ac6
last-modified: Mon, 31 Oct 2022 10:49:23 GMT
server: Akamai Image Manager
x-serial: 1176
x-check-cacheable: YES
content-length: 25552
content-type: image/webp
cache-control: private, no-transform, max-age=278356
expires: Sat, 10 Dec 2022 18:21:39 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F

95.101.10.201

200 OK

10 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
10 kB (10388 bytes)
Hash
10b43fef9c52b9d14a97c7ca5ce00b13
b3976f1f9a817c80c98040df7f6eafbb1e5396ee
42836d28ddb87bdb39b52eabe6038e5f1541efe542515adddcfb8efb17ea020c

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 4fb20a3a01f5492ca8289996b580052a
last-modified: Thu, 09 Jun 2022 17:50:18 GMT
server: Akamai Image Manager
content-length: 10388
content-type: image/webp
cache-control: private, no-transform, max-age=68527
expires: Thu, 08 Dec 2022 08:04:30 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E

95.101.10.201

200 OK

3.6 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.6 kB (3568 bytes)
Hash
56604a7df3f4c9c9b03ec95a8a54b3db
ed50b495fcc27a35158336e37098001191cf4a54
815f38d3f26ce6455ca858ce73abb3bf6192065c09e8c7118eb736ed20e6dbb9

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 8ac43a653e8f4954b8919fe5d18f2481
last-modified: Thu, 09 Jun 2022 18:21:54 GMT
server: Akamai Image Manager
x-serial: 998
x-check-cacheable: YES
content-length: 3568
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Thu, 08 Dec 2022 01:02:23 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e

95.101.10.201

200 OK

120 kB

URL HTTP/2
www.huntington.com/-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 982x1270, components 3\012- data
Size
120 kB (119802 bytes)
Hash
5ae74a975c38365d32213c22d43bb7ea
55e76e42524741c38d83f7fdf26b6c892050ab87
ec251060273f77a254fa4766a6a103c02f34ce37f1250b688a86f048c885585c

HTTP Headers

GET /-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 2206b44971fd446d95c06e37683211a2
last-modified: Wed, 08 Jun 2022 20:16:41 GMT
server: Akamai Image Manager
content-length: 119802
content-type: image/jpeg
cache-control: private, no-transform, max-age=123149
expires: Thu, 08 Dec 2022 23:14:52 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/Bootstrap.js.download

45.133.200.3

200 OK

16 kB

URL HTTP/1.1
rcu6.com/index_files/Bootstrap.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
16 kB (15490 bytes)
Hash
951228a305b66576a1ea5e8c0de62b9b
46af907560964bbbe009b2ccad280ea33a743af3
9a752738f5e04abde40c93be70a7b5bcca992d206864ce95f7825bfb7081afd0

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/Bootstrap.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/nuanceChat.html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/nuanceChat.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39157)
Size
10 kB (10427 bytes)
Hash
c17602da7ee65c095997507dc05409b5
40cc86b4b4500c7474e85817bd70b8de23da6bcc
d30e7cd4571d41d58b098279d395a8c833e9ef506ca386ffbe0253674bcfd4ac

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/nuanceChat.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/activityi(1).html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/activityi(1).html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39448)
Size
10 kB (10383 bytes)
Hash
60d756468fb835fc12cbcf5facb1240a
6ccc7817e45707432fa72a45aaaef8a937a85d4c
1781e7d7cb0de6af4ea25ad6282930ab4ab9f3edc650905d0e04f1c33bc69faa

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi(1).html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/activityi.html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/activityi.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39448)
Size
10 kB (10376 bytes)
Hash
6407abad084e7cec781df39f65144b8e
05112c0e133ba3c328c139e6afbc68b9f198cf4a
0ccd314537fcfa535aab32727e29d27c68512077f7d0f4c9017e10fa91f7aa82

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/dest5.html

45.133.200.3

200 OK

13 kB

URL HTTP/1.1
rcu6.com/index_files/dest5.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39172)
Size
13 kB (12812 bytes)
Hash
ff9d4ce7b23b16e751778b9b7db68a4a
5d4c4a9b965531b47d64cd9a386ce0e85e3d4cc1
1755659d1b6b8d1b4ea20fefe959efc053e6f7b80577d32cb958d9429c7ff78c

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/dest5.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/activityi(2).html

45.133.200.3

200 OK

10 kB

URL HTTP/1.1
rcu6.com/index_files/activityi(2).html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39448)
Size
10 kB (10295 bytes)
Hash
d98e27adb0f77a62ddf42b21485c581a
c07f9b26535af18befd9ecf3d5b222866f8cd7f0
9be967cc4b4673c040c64b92c7a7d2cacf5d604a798b8da50a85184222bcdeb7

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi(2).html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/sp.pl.download

45.133.200.3

500 Internal Server Error

662 B

URL HTTP/1.1
rcu6.com/index_files/sp.pl.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
662 B (662 bytes)
Hash
40f86d54cd7619752be6acca297bed90
240ba6fb3b28037daa0cd65ed2f84d359b9d9f73
eae6939a2208653cef791a2da52efc6cc46c7df04076fafba5d6f9b266554ef1

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 500 Internal Server Error
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 662
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3

95.101.10.201

200 OK

42 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 710x801, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
42 kB (42250 bytes)
Hash
6f05a70c13af36e7fe5e62cfe6fbf57f
39e32f5cfc4132dce53bc536f05e5425a9832ae1
aa0467ff6a034d37cae7552dd7a9ecda5d0e1add6e70fe88f8b123ebd6fc524f

HTTP Headers

GET /-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 5cb85c318c894340af50f107ee9f1c66
last-modified: Wed, 08 Jun 2022 19:55:58 GMT
server: Akamai Image Manager
x-serial: 1550
x-check-cacheable: YES
content-length: 42250
content-type: image/webp
cache-control: private, no-transform, max-age=309232
expires: Sun, 11 Dec 2022 02:56:15 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95

95.101.10.201

200 OK

980 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2132), with CRLF line terminators
Size
980 B (980 bytes)
Hash
b458b2b05ca5d4504443dc1acd27e1b3
28840cccc8d7a75ea11f681fe0c692aea1f4eb5d
1d0cb599a83bda7ac4da5d34139d74016fac29366d04abfeb28d74b609860c76

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 7d2f6b352081426d90293ee580660924
last-modified: Wed, 05 Jun 2019 17:55:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_check.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1299938862"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2483386
expires: Thu, 05 Jan 2023 06:52:09 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
content-length: 980
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e

95.101.10.201

200 OK

91 kB

URL HTTP/2
www.huntington.com/-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x725, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
91 kB (91194 bytes)
Hash
a2931179dfaf48bba6876efb015b4f3c
7d7d6a94bd8a226cc38ab3c6134edb16b7e9f6ae
7a738c847e87cff5e7e3c8bc690528d4fda210f9f13362f627f6d18e1098bc24

HTTP Headers

GET /-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 7cebda52e3374a859172a0af2ce73326
last-modified: Wed, 08 Jun 2022 21:50:12 GMT
server: Akamai Image Manager
x-serial: 149
x-check-cacheable: YES
content-length: 91194
content-type: image/webp
cache-control: private, no-transform, max-age=342142
expires: Sun, 11 Dec 2022 12:04:45 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c

95.101.10.201

200 OK

92 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x801, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
92 kB (91480 bytes)
Hash
ce99a1fb536d02f0dcc782ffb8438c0c
25560e8eca53546add5f3369e769b4b0b1d43557
0b5a268c9e87c892162c2771ad7e2e38a7fed8093583f95b29295ea8d582f80c

HTTP Headers

GET /-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: efd57170b2f44cc3b266f06b8d9243c7
last-modified: Thu, 09 Jun 2022 17:54:43 GMT
server: Akamai Image Manager
content-length: 91480
content-type: image/webp
cache-control: private, no-transform, max-age=313857
expires: Sun, 11 Dec 2022 04:13:20 GMT
date: Wed, 07 Dec 2022 13:02:23 GMT
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.39.94.191

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.94.191:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 32jCVp4Z2+SMoaQfgFUtTA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bNtQKuYPM4e25Y0ES97fee0/zdM=

www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

95.101.10.201

200 OK

1.2 kB

URL HTTP/2
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4339)
Size
1.2 kB (1249 bytes)
Hash
19ac7c952619cab53123eee38648d8bd
47e839324893deeef4e9f6b46dff135e1542dc9a
1a8ffa5f523a7a462b51616592473a2799bb0d687c1391d7d2ba3e5a58f95d78

HTTP Headers

GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "01efff054ccd81:0"
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-943239442"
x-ua-compatible: IE=edge
content-length: 1249
cache-control: public, max-age=1636035
expires: Mon, 26 Dec 2022 11:29:39 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2

95.101.10.201

200 OK

993 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1811), with CRLF line terminators
Size
993 B (993 bytes)
Hash
cac6c8de29569656e3d94fa40e6dea0c
deb5ec56b0c824f8c1e4c24e4c5af4ddb4b80fde
b064f32f5470e9dd978f554b692b13a158f8ba3d39d18937b523e8b09d226877

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: dcfd27c09cc34b5e842ea415ae9880e6
last-modified: Wed, 05 Jun 2019 17:59:00 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_people-green.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="393002662"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2480861
expires: Thu, 05 Jan 2023 06:10:05 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
content-length: 993
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-700.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-700.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-700.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be

95.101.10.201

200 OK

400 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
400 B (400 bytes)
Hash
9c75d30bead00eb80005940547a8a8bb
948e77324d5a0f9709bddb0b1438cd7a271337e8
8781a8a5abfa3b4adbfbe3a8b3028d7f6516b65432cebd89a51cf655a360d441

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 400
content-type: image/svg+xml
etag: fa17d379df254ed5a6f66038800ebf7d
last-modified: Wed, 05 Jun 2019 17:54:26 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_arrow-right.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-85583598"
x-ua-compatible: IE=edge
cache-control: public, max-age=2402066
expires: Wed, 04 Jan 2023 08:16:50 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-600.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-600.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-600.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Medium.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Medium.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Book.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Book.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Book.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/HuntingtonApexWeb-Bold.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/HuntingtonApexWeb-Bold.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

rcu6.com/fonts/muli-v11-latin-300.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/1.1
rcu6.com/fonts/muli-v11-latin-300.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-300.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rcu6.com/index_files/toolkit.min.css

HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 315
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

www.huntington.com/-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe

95.101.10.201

200 OK

47 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x810, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
47 kB (46614 bytes)
Hash
f46268f2799d168f6a57d30321938f75
7dbb0732e4a0bb2aad4a24274f37867ccff0846e
1214167d2deea4ca58c92c53ce99080170ca94aa5c5d9c226fec34c68370bf49

HTTP Headers

GET /-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: c69b1afaa18b4dcd9f9d1422ebfd2153
last-modified: Fri, 11 Nov 2022 21:24:13 GMT
server: Akamai Image Manager
x-serial: 282
x-check-cacheable: YES
content-length: 46614
content-type: image/webp
cache-control: private, no-transform, max-age=118633
expires: Thu, 08 Dec 2022 21:59:37 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0

95.101.10.201

200 OK

1.4 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2831), with CRLF line terminators
Size
1.4 kB (1384 bytes)
Hash
1ac44f61f40159cf891a29575701fa00
7b0aecb51d7c565310e39c1946704aec22748d37
36a47ff572326ab045f24fbb8fa2d835e093fee269316de3446272248d2f5a04

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: d3efa4d87fc24098b87f344a935558be
last-modified: Wed, 05 Jun 2019 17:56:55 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_money.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="2034578980"
x-ua-compatible: IE=edge
content-length: 1384
cache-control: public, max-age=2478056
expires: Thu, 05 Jan 2023 05:23:20 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/1.1
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Length: 66005
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1

95.101.10.201

200 OK

14 kB

URL HTTP/2
www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (45689), with no line terminators
Size
14 kB (14478 bytes)
Hash
1ee15309bb313a5479cf9d3c90953de2
0e1c797088d6be92035bff7e5495b3a953b5a6b4
a57d97a52e080f530b7c9e39563b957174720ed6c8b57a119321ad4f9b70b7bf

HTTP Headers

GET /Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "0f59ebaf2e3d81:0"
last-modified: Wed, 19 Oct 2022 19:41:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1375069942"
x-ua-compatible: IE=edge
content-length: 14478
cache-control: public, max-age=1592690
expires: Sun, 25 Dec 2022 23:27:14 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/index_files/site_10006663_default.js.download

45.133.200.3

200 OK

9.2 kB

URL HTTP/1.1
rcu6.com/index_files/site_10006663_default.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (22091)
Size
9.2 kB (9162 bytes)
Hash
be57db32f5a9906716069ada79401278
39bf1f856fe9be256d6ef27fb3ed413cfb1bd545
2a9ed68d31ad01792f47c0629170acf2568038cfcee438e0c4ddf95466d2738f

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/site_10006663_default.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/ads-blocking-detector.js.download

45.133.200.3

200 OK

2.0 kB

URL HTTP/1.1
rcu6.com/index_files/ads-blocking-detector.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text
Size
2.0 kB (1970 bytes)
Hash
e477e07ecebd567560d3a7e266a67dd2
bdb9989c4513effa36e9fbb2c0b878f320864bda
211bd742e866fd7cd0c2d9a36828488440d2101c6bc5d1bffb5a1298a7c7cc1e

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ads-blocking-detector.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA

45.133.200.3

200 OK

42 B

URL HTTP/1.1
rcu6.com/index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/activityi.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA

45.133.200.3

200 OK

42 B

URL HTTP/1.1
rcu6.com/index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/activityi(2).html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/tcFramework.min.js.download

45.133.200.3

200 OK

128 kB

URL HTTP/1.1
rcu6.com/index_files/tcFramework.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (3061)
Size
128 kB (128543 bytes)
Hash
39f26c933162aaa7bac78f69a67d5351
2fbbe92e185c575ac8e2f4b0c42a9b89060883e2
92008e8620273136d5083034149b2a1ad396bff9fb8fb254e043a317f27d3085

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/tcFramework.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

rcu6.com/index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA

45.133.200.3

200 OK

42 B

URL HTTP/1.1
rcu6.com/index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/activityi(1).html

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:36 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif

95.101.10.201

200 OK

217 B

URL HTTP/2
www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 18 x 18, 8-bit grayscale, non-interlaced\012- data
Size
217 B (217 bytes)
Hash
756ea9671899d785a86de4dcc11af817
89c6975e8d8a858e94aeed1c69b010abf2afd563
6d8a2316b98743b83355626f124d5c4299b1eba9c478aa94df90960437de5d7e

HTTP Headers

GET /Presentation/onlineopinionV5/oo_icon_retina_black.gif HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "09cbc8223f9d81:0"
last-modified: Sat, 19 Nov 2022 16:33:09 GMT
server: Akamai Image Manager
x-serial: 430
x-check-cacheable: YES
content-length: 217
content-type: image/png
cache-control: private, no-transform, max-age=151433
expires: Fri, 09 Dec 2022 07:06:17 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9

95.101.10.201

200 OK

1.4 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2831), with CRLF line terminators
Size
1.4 kB (1387 bytes)
Hash
530a243cc209cd8afce6d3a197c5bd17
e5a7c57ce240c2ac73e936359600a30ae62fd58a
8c46775a644575089db972ec9730ca8107c1f5c22f34b2dfaeb0764f59fcc767

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: bcda849763ff48be83f5925ec46aa828
last-modified: Wed, 05 Jun 2019 17:57:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_money-green.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="372588084"
x-ua-compatible: IE=edge
content-length: 1387
cache-control: public, max-age=2483537
expires: Thu, 05 Jan 2023 06:54:41 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf

95.101.10.201

200 OK

1.2 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2280), with CRLF line terminators
Size
1.2 kB (1175 bytes)
Hash
fdb0d7da9f5dc5e4542c13cdbcf47ed6
070fa7b80f5b3bdc7488310cd2bfe488723ebbb4
a68268f938c5db2376f145fb4bca2598f5933edc3f0a891a376df9870f49e1d2

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 4e8db6ed00a645e18ee39fe6b51a08be
last-modified: Wed, 05 Jun 2019 17:56:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_hand.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="153957351"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2480854
expires: Thu, 05 Jan 2023 06:09:58 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
content-length: 1175
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_SecureLock.svg?rev=a8b52a2e7284441cae9630abfa6b1190

95.101.10.201

200 OK

692 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_SecureLock.svg?rev=a8b52a2e7284441cae9630abfa6b1190
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1072), with CRLF line terminators
Size
692 B (692 bytes)
Hash
54a931f3d67d12eebfaa0b1b8170de5f
d4155b224a910c1ed02e86dbe36ca2c2a23d3bdf
c693de0e38e83e571ce78ac4c1bec5e71ce484d239d3c8f1ef44c7a8f29dc2e9

HTTP Headers

GET /-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_SecureLock.svg?rev=a8b52a2e7284441cae9630abfa6b1190 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: b6512779b80f4446945dfa410d8d0245
last-modified: Wed, 15 Apr 2020 14:42:16 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="HNB_icon_DARK_RGB_34x34_SecureLock.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1260656347"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2480761
expires: Thu, 05 Jan 2023 06:08:25 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
content-length: 692
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12

95.101.10.201

200 OK

1.1 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12
IP
95.101.10.201:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (3770), with CRLF line terminators
Size
1.1 kB (1139 bytes)
Hash
1a230e5e8908d4ec9bd6bd525095ed31
5f49b0c7686d56b6371e69ad9e8908240de0f345
bc023d7b3178af0a08eb58d08801599665c12f6fb08faf31c843633728cd6d52

HTTP Headers

GET /-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: 53a09414b63d41d48397fd1719ed6944
last-modified: Wed, 15 Apr 2020 14:40:36 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="HNB_icon_DARK_RGB_34x34_Corporate.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-349417419"
x-ua-compatible: IE=edge
content-length: 1139
cache-control: public, max-age=2480801
expires: Thu, 05 Jan 2023 06:09:05 GMT
date: Wed, 07 Dec 2022 13:02:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/index_files/postToServer.min.html

45.133.200.3

200 OK

17 kB

URL HTTP/1.1
rcu6.com/index_files/postToServer.min.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (39265)
Size
17 kB (16806 bytes)
Hash
ad367688fdd81da80f221274b4553073
7f624729318cbd11a2ff1c2aca9c92e428d343dd
6879c6408488f39dedebccbbc67e548e6b11f79df2a951ae20cef7580ffffb7e

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/postToServer.min.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/index_files/nuanceChat.html
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:42 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
025aa37ca8ed1182853743ad63a8766a
37ab26de840c513085561490c1ddb2122d85fe40
dead6ae57c6700ba74d5107628983b595bc35275b32699ced82cc31d1979054c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6417
Cache-Control: max-age=144213
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:24 GMT
Etag: "63900624-1d7"
Expires: Fri, 09 Dec 2022 05:05:57 GMT
Last-Modified: Wed, 07 Dec 2022 03:19:00 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471

players.brightcove.net/1317241590001/default_default/index.min.js

23.38.201.31

200 OK

113 kB

URL HTTP/1.1
players.brightcove.net/1317241590001/default_default/index.min.js
IP
23.38.201.31:0
ASN
#16625 AKAMAI-AS

File type
Unicode text, UTF-8 text, with very long lines (65493), with no line terminators
Size
113 kB (112619 bytes)
Hash
17c587f03cae5f6efdd68553a9e5a267
23187e28326aba9754c17c40b2f298ac61627d1b
4584ee27c422cb9720b72528671dc036e01f37b7baa9471bc1c9800babbecd2c

HTTP Headers

GET /1317241590001/default_default/index.min.js HTTP/1.1
Host: players.brightcove.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Length: 112619
x-amz-id-2: MNRAigqzsUlj9EoLYm5LDzv3ZSuQ5qryquKwDPwiXoAscKy97nAEAFyJJH1PWwtWarUYcv5dsck=
x-amz-request-id: RBY0D06WEC088BHP
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 27 Aug 2019 17:32:01 GMT
ETag: "17c587f03cae5f6efdd68553a9e5a267"
Content-Encoding: gzip
x-amz-version-id: kxoMNjsk74TqDku_pV2EDboTEDLATDw0
Content-Type: application/javascript; charset=utf-8
Server: AmazonS3
Accept-Ranges: bytes
X-Served-By: cache-ams21048-AMS
X-Cache-Hits: 1
X-Timer: S1659485642.231721,VS0,VE1
Vary: Accept-Encoding
X-BCOV-Response-Mode: 1
Cache-Control: public, max-age=300
Date: Wed, 07 Dec 2022 13:02:24 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *

ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.7245458438279806&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2F

52.51.219.145

200 OK

243 B

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=0.7245458438279806&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2F
IP
52.51.219.145:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (316)
Size
243 B (243 bytes)
Hash
6341912862ee77c4beaf45c935b706d4
b0aec0f6005d8d7e98296f9e58548c2f7d5a8939
8f48ddc597f89a0cbf4d6586db0b4e615ac03dc165dc0d0d4ecc7ad0a322b714

HTTP Headers

GET /huntington/com/serverComponent.php?r=0.7245458438279806&ClientID=1035&PageID=http%3A%2F%2Frcu6.com%2F HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 07 Dec 2022 13:02:23 GMT
Cache-Control: no-cache, no-store
X-Cache: Miss from cloudfront
Via: 1.1 33388636a7cb2afa812b276d900f88d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: ch0aQL27poBTuDGvI73bfkHf-hKSc74rIeBQgadzI-kF7NpLeaeXRw==
Content-Encoding: gzip

f1.media.brightcove.com/8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001

151.101.194.27

200 OK

51 kB

URL HTTP/2
f1.media.brightcove.com/8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001
IP
151.101.194.27:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
51 kB (51192 bytes)
Hash
4cc0c7dca6a70b838f366f14bbf0e7af
145e954f96c3bc3f7cf9fe5f4bfdaa55e0a698a1
3ac85f38c5f9ae299a2dcbe4cac1af9f50baee5c25b2a392ff3136f299e2eb61

HTTP Headers

GET /8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001 HTTP/1.1
Host: f1.media.brightcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
etag: "4cc0c7dca6a70b838f366f14bbf0e7af"
expires: Tue, 08 Nov 2022 16:37:09 GMT
last-modified: Thu, 23 May 2019 15:36:19 GMT
via: 1.1 72b77c557ac4c265c32d99bdef4e9d6a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD79-C3
x-amz-cf-id: qZydNnsGvqidKCtYzgMhSfDcUgLBlDLsk_Gn4shnzWqZkPbUjjlRRw==
cache-control: max-age=0
accept-ranges: bytes
date: Wed, 07 Dec 2022 13:02:24 GMT
age: 3097515
x-served-by: cache-iad-kiad7000060-IAD, cache-bma1661-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 152, 1
x-timer: S1670418145.538427,VS0,VE8
content-length: 51192
X-Firefox-Spdy: h2

ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774

52.51.219.145

200 OK

37 kB

URL HTTP/1.1
ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
IP
52.51.219.145:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (557)
Size
37 kB (37292 bytes)
Hash
a61cd463438c91420b7c117a7b21adef
2633563d14f3066b5722b4c8582e94a1cee4f825
d3e0f8835f833c2533bb8e56c972208624e33d183959f310008840f74b69491b

HTTP Headers

GET /huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 25 Oct 2022 01:03:34 GMT
ETag: W/"5828bc2a2ceaa2961527eedaf4167b77"
x-amz-server-side-encryption: AES256
Cache-Control: max-age=315360000
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 e20527248be1eebaced63108ab7e73d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: Iiz6DpDO611rI0DeqXMTwFVsqnOCaSxcCSJ9bTJVsVPCAw2nhQyN_w==
Age: 3754450

px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=http%3A%2F%2Frcu6.com%2F&time=1670418142616

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=http%3A%2F%2Frcu6.com%2F&time=1670418142616
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=&url=http%3A%2F%2Frcu6.com%2F&time=1670418142616 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&b86b2d0d-7bc9-4978-8139-98cdaeeb99ea"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 07-Dec-2023 13:02:24 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2449:u=1:x=1:i=1670418144:t=1670504544:v=2:sig=AQGvxLFd69O7SrozXs--T1R21jUTIwWH"; Expires=Thu, 08 Dec 2022 13:02:24 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXvPIgiNuylXPkPfxZ33A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BF3209C30EEA4F3DA023FEBBF470259F Ref B: OSL30EDGE0113 Ref C: 2022-12-07T13:02:24Z
date: Wed, 07 Dec 2022 13:02:24 GMT
content-length: 0
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.40

302 Found

252 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
252 B (252 bytes)
Hash
c911c6f4161cf68ee27d02ec0f268ff8
0bd040c44c96dd6b1b89613ffc4e48a0152eec95
c9fc67737c8a2913e73cf8ab458fbb11b1d39ea3302992eb0da094fe74954164

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=DC-10701487
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 252
X-XSS-Protection: 0

ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException

52.51.219.145

204 No Content

0 B

URL HTTP/1.1
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP
52.51.219.145:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=http%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store
X-Cache: Hit from cloudfront
Via: 1.1 4ef5b810a61123a6a28e9f07ba613430.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUB56-P1
X-Amz-Cf-Id: 6KKSByQev3LKlorqk-ACinzhwgcOiN7zrW1WX17MK1_DLY1n7J8ooA==
Age: 33929

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (44141 bytes)
Hash
d5f5a841be12d4d91c5b097bb0f13e53
2aa24c80a6ec1c793cc1ab7db522f18b2d2dd31b
2a09c76f7a555a48c8a434dd1be411e686db8c8d7809c96d70b63d27e319eb8d

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rcu6.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 13:02:24 GMT
expires: Wed, 07 Dec 2022 13:02:24 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44141
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.clinch.co/a_js/client_pixels/clq/script.min.js

23.36.79.32

200 OK

4.6 kB

URL HTTP/1.1
cdn.clinch.co/a_js/client_pixels/clq/script.min.js
IP
23.36.79.32:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (14797), with no line terminators
Size
4.6 kB (4567 bytes)
Hash
87474300d7f17748e3ed24b42d4bee2b
9d2c3a1f2b9cffdcb309ea2a2b13bed7b693042c
0388ad3b8fc80cfb336b71fabe7c01a2a8d8ff699fb448f4105a7d9ff5f680ef

HTTP Headers

GET /a_js/client_pixels/clq/script.min.js HTTP/1.1
Host: cdn.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
x-amz-id-2: adMugfF433YL+FfK0yhYay96eSjZAVC2bECbR3FBNYsdGtoJyV+rBZXvGbuNsIAHS4UU//dITPM=
x-amz-request-id: R8YJQ3PZ0BKYEXCH
Last-Modified: Tue, 11 Jan 2022 12:52:46 GMT
ETag: "666e09028e21421106f9ecd0ceb1ddac"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=16331526
Expires: Wed, 14 Jun 2023 13:34:30 GMT
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Length: 4567
Connection: keep-alive
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,HEAD,OPTIONS
Access-Control-Allow-Origin: *

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.121

200 OK

4.6 kB

URL HTTP/1.1
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12961)
Size
4.6 kB (4581 bytes)
Hash
c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Last-Modified: Thu, 17 Nov 2022 18:52:45 GMT
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=utf-8
X-EdgeConnect-MidMile-RTT: 17
X-EdgeConnect-Origin-MEX-Latency: 311
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=52831
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Length: 4581
Connection: keep-alive
X-CDN: AKAM

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
df9ee05cc140f619a69b770c388c33df
c07e052104e98a1176dd6512fc01b6075b4865a5
2d628f50fb563fcb6c30ad985277f59e0bdf4f240ecedfb3b1e5aa70aeae17d4

HTTP Headers

GET /gtag/js?id=AW-849073348&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849073348&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 991
Cache-Control: max-age=86601
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:24 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 13:05:45 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
211253e14e3774c27f057fd79c6f3297
117ffcb6132283d4854b262e6d7bf74dc93333a9
1f8edff0043067941ef114cc6d71502f1bfb8dd829a3a61723d6fffc484cd577

HTTP Headers

GET /gtag/js?id=AW-849063932&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-849063932&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
9a5925fe9faff42cc8390efdc5e2eff8
39ca642317be780d118d5ff62197921098af3e08
7e8b8a5e18a9d993d5b47ac50b123a45aba9d25df045d0b833dc7e552eb7079f

HTTP Headers

GET /gtag/js?id=AW-786635084&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c

142.250.74.40

302 Found

278 B

URL HTTP/1.1
www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
278 B (278 bytes)
Hash
70c1096689fc71f2152ebe6c5c26cd78
06096e48d46a7e2cae7bc7a369ab729910f4473d
84dcca42231d9c3689703524bf60a2cca448645ee6559dbe43c9c0498efc391b

HTTP Headers

GET /gtag/js?id=AW-391028924&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:02:24 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0

cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token

143.204.55.71

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/291554/domain/rcu6.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://rcu6.com/
Origin: http://rcu6.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Wed, 07 Dec 2022 05:55:20 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: accept, origin, content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c8Fws5T5NXr26BYIZcQ6esJb3uTJk2EaBppdx2DG4dPKWjnfFE7Ing==
age: 25624
X-Firefox-Spdy: h2

fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397?

142.250.74.166

302 Found

0 B

URL HTTP/1.1
fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397?
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /activityi;src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397? HTTP/1.1
Host: fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:02:24 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Location: http://2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397?
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Server: cafe
Content-Length: 0
X-XSS-Protection: 0

connect.facebook.net/en_US/fbevents.js

157.240.247.8

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.247.8:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: n3QEHt7bbpq3N+itVEM8cqEBWb3f6R0tli7jNF3mYAbtQgmwAgN4hJCtng5L6BgE8rXAH3oRj79lrVWvk3ENfA==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 13:02:24 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418144713&cv=11&fst=1670418144713&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

921 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670418144713&cv=11&fst=1670418144713&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1995), with no line terminators
Size
921 B (921 bytes)
Hash
8db6fb6ad31cb2a7210601931f2eac8a
34e81b8e82fcd829a55c5de5e81c7773043f36f6
9c59f9346ff2a67e54e43da8764ec1bfbcbe7ae99595b2f1186984569bb1ee1d

HTTP Headers

GET /pagead/viewthroughconversion/786635084/?random=1670418144713&cv=11&fst=1670418144713&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 921
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:17:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418144769&cv=11&fst=1670418144769&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

919 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670418144769&cv=11&fst=1670418144769&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1993), with no line terminators
Size
919 B (919 bytes)
Hash
f68df338f19520aed1bdde6f86e3111a
2a865687a3f89699b4c0f59b63941f330fa05b3f
4f8b222905c966615c2563e1c35dd869f5ab3612a79f862991a8b8511befc943

HTTP Headers

GET /pagead/viewthroughconversion/391028924/?random=1670418144769&cv=11&fst=1670418144769&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 919
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:17:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418144747&cv=11&fst=1670418144747&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

918 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670418144747&cv=11&fst=1670418144747&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1993), with no line terminators
Size
918 B (918 bytes)
Hash
8c961ee2745c53c33cac164fe02afbb4
d8e970dd2b0003942c11140965026b3431da820c
0db57b93e6f9d7cf473e372b3b8b86e470db4ce0cdec15986c6ba0d7ed3933c7

HTTP Headers

GET /pagead/viewthroughconversion/849063932/?random=1670418144747&cv=11&fst=1670418144747&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 918
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:17:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418144691&cv=11&fst=1670418144691&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.34

200 OK

919 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670418144691&cv=11&fst=1670418144691&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1995), with no line terminators
Size
919 B (919 bytes)
Hash
95466ab75cbb55b8fef210eca1dc35a7
ca988626361850561c6de5b7a839c0fff2ce7ead
5378b8cca0331abe829c1ce38439525faada27c1073322e72683518840c3897a

HTTP Headers

GET /pagead/viewthroughconversion/849073348/?random=1670418144691&cv=11&fst=1670418144691&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=1808399250.1670418145&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 919
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 13:17:25 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397?

142.250.74.38

200 OK

313 B

URL HTTP/1.1
2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397?
IP
142.250.74.38:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (398), with no line terminators
Size
313 B (313 bytes)
Hash
3622f3c57a9a3af8ad8abc1f660dcfb6
2960f78ca20295186bb7ed4e20bc60d6071650b7
200051c574f2700e1ddd284571bb28b3aed955fe7944436192cd46abba5aa024

HTTP Headers

GET /activityi;src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397? HTTP/1.1
Host: 2782440.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rcu6.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Wed, 07 Dec 2022 13:02:25 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 313
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2013%3A02%3A24%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Frcu6.com%2F&enc=UTF-8

212.82.100.181

200 OK

0 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2013%3A02%3A24%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Frcu6.com%2F&enc=UTF-8
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2013%3A02%3A24%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=http%3A%2F%2Frcu6.com%2F&enc=UTF-8 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:02:25 GMT
expires: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBOGOkGMCEFZKKJei79TqwB6vSRnui48FEgEBAQHgkWOaYwAAAAAA_eMAAA&S=AQAAApWgsG3tLR0ZHVkcML1VVAs; Expires=Thu, 7 Dec 2023 19:02:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js

52.177.241.160

200 OK

2.2 kB

URL HTTP/2
huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js
IP
52.177.241.160:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
2.2 kB (2246 bytes)
Hash
10dd63eb3edd16b6408ed957da6f070a
8294a11471b8a21751217cb486e10c4b8aeb4228
d8ea3360fed2dbbd9f79c35997b694ed03b55abea7fa8cdfc8ad3a89f6ddb508

HTTP Headers

GET /tagserver/js/ads-blocking-detector.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:02:24 GMT
content-type: application/javascript
cache-control: max-age=3600
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND PHY DEM ONL STA NAV UNI LOC COM CNT"
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
etag: W/"7630-1668744896000"
last-modified: Fri, 18 Nov 2022 04:14:56 GMT
vary: accept-encoding
content-encoding: gzip
server: Nuance Server
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2408
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 13:02:25 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2408
Expires: Wed, 07 Dec 2022 13:42:33 GMT
Date: Wed, 07 Dec 2022 13:02:25 GMT
Connection: keep-alive

www.google.no/pagead/1p-user-list/849073348/?random=1670418144691&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2983458832&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849073348/?random=1670418144691&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2983458832&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1670418144691&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2983458832&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/849063932/?random=1670418144747&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=137851225&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849063932/?random=1670418144747&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=137851225&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1670418144747&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=137851225&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/786635084/?random=1670418144713&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3716387489&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/786635084/?random=1670418144713&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3716387489&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1670418144713&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3716387489&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849063932/?random=1670418144747&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=137851225&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849063932/?random=1670418144747&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=137851225&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1670418144747&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=137851225&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/391028924/?random=1670418144769&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=859410758&rmt_tld=1&ipr=y

142.250.74.67

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/391028924/?random=1670418144769&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=859410758&rmt_tld=1&ipr=y
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1670418144769&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=859410758&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849073348/?random=1670418144691&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2983458832&rmt_tld=0&ipr=y

142.250.74.132

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849073348/?random=1670418144691&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2983458832&rmt_tld=0&ipr=y
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1670418144691&cv=11&fst=1670418000000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Frcu6.com%2F&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2983458832&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

52.177.241.160

200 OK

2.0 kB

URL HTTP/2
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP
52.177.241.160:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
2.0 kB (2016 bytes)
Hash
84a538bab5dd800e28ea7f1af6f3a40a
9130d0be68d09dc601802e5bcc992613b4a325e8
6e9ebadfb6ca1173f53f5b6a555f4c7e7edec5eed696e584ac37e03175ae5349

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:02:24 GMT
content-type: application/javascript
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"5098-1669876564923"
last-modified: Thu, 01 Dec 2022 06:36:04 GMT
cache-control: no-cache
vary: accept-encoding
content-encoding: gzip
server: Nuance Server
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11224 bytes)
Hash
b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 58371
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14896 bytes)
Hash
4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:15:11 GMT
age: 17234
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8579 bytes)
Hash
a0f0782df385287698881f1c19e79b96
5a25f245b594f6cbf2fdaeed2463ac5fbc08068a
4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
age: 54306
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7392 bytes)
Hash
c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:15:41 GMT
age: 35204
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8438 bytes)
Hash
e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 54525
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6557 bytes)
Hash
210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 16174
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa282ae07239f0cf04503485877d681
631aa2fff49d29c46341db6540d25917b3626ef5
9020928ea0c9addf3e0a04d78db4158b54b4f29577785b5adb4cf7f2949ced17

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:02:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397;~oref=http://rcu6.com/

142.250.74.130

200 OK

187 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397;~oref=http://rcu6.com/
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (397), with no line terminators
Size
187 B (187 bytes)
Hash
a07a9e090b909db17b0f2954ce4f1353
06000c1da9705ded02fa58da455ca64e2de2c8e5
c2c5449289d0d2587b9fb4870361b582105d5928a6c001388f4aa7ee0706200b

HTTP Headers

GET /ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397;~oref=http://rcu6.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://2782440.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Frcu6.com%2F&rl=&if=false&ts=1670418145159&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670418145157.461633804&it=1670418144729&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=0b91763b-d59a-4f7e-afbe-61b4f4e946fe&rqm=GET

157.240.247.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Frcu6.com%2F&rl=&if=false&ts=1670418145159&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670418145157.461633804&it=1670418144729&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=0b91763b-d59a-4f7e-afbe-61b4f4e946fe&rqm=GET
IP
157.240.247.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=5140493269326436&ev=PageView&dl=http%3A%2F%2Frcu6.com%2F&rl=&if=false&ts=1670418145159&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670418145157.461633804&it=1670418144729&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=0b91763b-d59a-4f7e-afbe-61b4f4e946fe&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 13:02:25 GMT
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397;~oref=http://rcu6.com/

142.250.74.98

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397;~oref=http://rcu6.com/
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=7966477416086.397;~oref=http://rcu6.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 13:02:25 GMT
expires: Wed, 07 Dec 2022 13:02:25 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9ee6f6f7d7460ddc51c7b98ca5e144e2
007f1069375b9a06a08258d1d910107d975ec254
0b9b7381999d15cff7e54121cd87a22c6bbd795709a954590287fe0546e7a944

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B9B7381999D15CFF7E54121CD87A22C6BBD795709A954590287FE0546E7A944"
Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Dec 2022 19:02:27 GMT
Date: Wed, 07 Dec 2022 13:02:27 GMT
Connection: keep-alive

mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2F;visitID=JBFJXWAZILJOTJHPDWDEKRTDRMVBAVPP;app=0bd76d7cc9264013;end=1

100.24.162.178

200 OK

28 B

URL HTTP/1.1
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2F;visitID=JBFJXWAZILJOTJHPDWDEKRTDRMVBAVPP;app=0bd76d7cc9264013;end=1
IP
100.24.162.178:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

HTTP Headers

POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=null;referer=http%3A%2F%2Frcu6.com%2F;visitID=JBFJXWAZILJOTJHPDWDEKRTDRMVBAVPP;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1269
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 13:02:27 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513

34.195.84.81

301 Moved Permanently

134 B

URL HTTP/1.1
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513
IP
34.195.84.81:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: awselb/2.0
Date: Wed, 07 Dec 2022 13:02:28 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://trk.clinch.co:443/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513

ocsp.godaddy.com/

192.124.249.36

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.36:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
86476fbd753267ea2ee3851675410160
977e0b791ee980544ba9ec54b572d7fa845ed620
a38bdc3f0d807964940714cfd06d8b98e83256f8fa0418409c3fee0493fe4797

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 13:02:27 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 20:06:23 GMT
Expires: Wed, 07 Dec 2022 20:06:23 GMT
ETag: "977e0b791ee980544ba9ec54b572d7fa845ed620"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513

34.195.84.81

302 Found

0 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513
IP
34.195.84.81:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rcu6.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 07 Dec 2022 13:02:28 GMT
content-length: 0
location: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513&try2=true
server: clinch
set-cookie: clinch-sid=b02cfee9-caa8-4de3-9048-36dfdbfa544f; expires=Sat, 07 Dec 2024 13:02:28 GMT; domain=clinch.co; path=/; secure; samesite=none
X-Firefox-Spdy: h2

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513&try2=true

34.195.84.81

200 OK

79 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513&try2=true
IP
34.195.84.81:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
79 B (79 bytes)
Hash
70c92fdbfdaad0989a68617939cf615c
4cc7e0778377d6e89b665e1741c798b9df21693a
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=http%3A%2F%2Frcu6.com%2F&version=3.4&a=1670418147513&try2=true HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rcu6.com/
Connection: keep-alive
Cookie: clinch-sid=b02cfee9-caa8-4de3-9048-36dfdbfa544f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 13:02:28 GMT
content-type: text/html
content-length: 79
server: clinch
cache-control: no-store
x-robots-tag: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2

rcu6.com/index_files/121543311796381

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/121543311796381
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/121543311796381 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 178273
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020

35.186.193.174

200 OK

0 B

URL HTTP/2
media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020
IP
35.186.193.174:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /media/launch/tcFramework.min.js?codeVersion=1587584821020 HTTP/1.1
Host: media-lax1.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
date: Wed, 07 Dec 2022 13:02:24 GMT
expires: Wed, 07 Dec 2022 14:02:24 GMT
cache-control: max-age=3600,public
last-modified: Tue, 26 Oct 2021 00:24:18 GMT
etag: W/"61774ab2-f2eab"
content-type: application/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

rcu6.com/index_files/js

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/js
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/js HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Length: 81640
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/js

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/js
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/js HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Length: 81640
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

0 B

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:0
ASN
#203220 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: GoYYVxLjXO1Kw4eoapZvUs8+kb6UnHKyUvOn3AmQRHWmd/tuCqfSF7fsA0uzgoKHsyJi1fotiW7uZwNRYYLioA==
x-amz-request-id: DV39WB6CYW998679
date: Wed, 07 Dec 2022 13:02:22 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 3
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/index_files/121543311796381

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/121543311796381
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/121543311796381 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:22 GMT
Content-Length: 178273
Connection: keep-alive
Last-Modified: Thu, 23 Apr 2020 00:07:38 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

rcu6.com/index_files/vtt.global.min.js.download

45.133.200.3

200 OK

0 B

URL HTTP/1.1
rcu6.com/index_files/vtt.global.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/vtt.global.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rcu6.com/

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 13:02:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 23 Apr 2020 00:07:40 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token

143.204.55.71

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token
IP
143.204.55.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /partner/291554/domain/rcu6.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://rcu6.com
Connection: keep-alive
Referer: http://rcu6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Wed, 07 Dec 2022 12:02:55 GMT
access-control-allow-origin: *
cache-control: public, max-age=30642
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iSkjyBUiaDJRP7jhNeDKD9G4lnVRFNFx710_SXZm3RfFDUsw23JznA==
age: 3569
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations