Report - rcu6.com/email-account.php

Report Overview

Submitted URL
rcu6.com/email-account.php
IP
45.133.200.3
ASN
#200313 WEB_GroupInternet INC
Submitted
2022-12-07 00:39:35
Access
Website Title
Final URL
Tags
None
urlquery detections
Phishing - Huntington

Detections

urlquery
28
Network Intrusion Detection
0
Threat Detection Systems
154

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.huntington.com	56151	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	545 kB	104.84.152.187
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	29 kB	157.240.200.14
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	567 B	1.1 kB	142.250.74.34
huntingtonbank.inq.com	92998	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	794 B	5.7 kB	52.177.241.160
cdn.linkedin.oribi.io	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	946 B	1.9 kB	54.230.111.8
2782440.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	540 B	1.1 kB	142.250.74.70
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	349 B	157.240.200.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
rcu6.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	40 kB	1.5 MB	45.133.200.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	575 B	867 B	216.58.211.2
sp.analytics.yahoo.com	816	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	593 B	919 B	212.82.100.181
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ensighten.huntingtonbank.com	91425	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	41 kB	63.34.68.24
fls.doubleclick.net	436	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	532 B	977 B	142.250.74.166
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.9 kB	3.0 kB	142.250.74.131
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.8 kB	93.184.220.29
snap.licdn.com	1044	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	4.9 kB	23.36.76.210
px.ads.linkedin.com	522	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	458 B	824 B	13.107.42.14
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	5.6 kB	142.250.74.130
trk.clinch.co	5423	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	775 B	52.6.162.203
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.148.77.40
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	9.8 kB	142.250.74.131
f1.media.brightcove.com	21505	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	479 B	52 kB	151.101.130.27
mef957.dynatrace-managed.com	107553	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	659 B	167 B	100.24.162.178
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	3.0 kB	216.58.211.4
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	45 kB	142.250.74.168
ocsp.godaddy.com	698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	2.3 kB	192.124.249.24
s.yimg.com	375	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	927 B	87.248.119.251

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/email-account.php	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank
2022-12-06	medium	rcu6.com/	Huntington Bank

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (52)

	URL	Size	First Seen	Last Seen
	rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download	164 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen5 Hash f8d69b81ffcc4002ad5144c582a9214e a42d2e7aa00a9c483a053f8a46aee75a8e055463 717d421a546684bb53dd5fc86bc27f22ad9d888f8f47239536c01f2b825dc6a7 Loading...

	rcu6.com/index_files/jquery-3.4.1.min.js.download	88 kB	2023-03-07	2024-04-27
Pretty URL rcu6.com/index_files/jquery-3.4.1.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-27 07:23:07 Times Seen95709 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	rcu6.com/email-account.php	33 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/email-account.php IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen15 Hash e5e346b7bab3e6cbcc9cec9c13bc5265 2ca39bf886a2e43e3a0f359e23d30e6b455a0cbf e9a021db128b1e1ebe14644b30f6aeed04690a07b3c1fc363871cbceaf3ce53d Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670373565834&cv=11&fst=1670373565834&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/786635084/?random=1670373565834&cv=11&fst=1670373565834&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:29 Last Seen2023-03-08 20:34:29 Times Seen1 Hash 779209e189fcd2698b72f8f439c094a4 7d90efe2b41c217303ef94091c773e6052d733d7 fd4b04ec4ca9b00e4dce228cf89f3596b4a8e84dfd1c1c541a3dd44124e8e0f6 Loading...

	rcu6.com/index_files/Bootstrap.js.download	226 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/Bootstrap.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:29 Last Seen2023-11-11 14:02:56 Times Seen5 Hash 8521764f868ab4e10e51a33461386401 a7fe21e2680049267f55e9310f4f40bc59f75f29 11a9d9a3b60d7333fbeeec66f426eba57bee3f0027e2cca8de452d5248accd0d Loading...

	rcu6.com/index_files/ads-blocking-detector.js.download	6.9 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/ads-blocking-detector.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen9 Hash c0fb71d6f96440d1598b1f107a3d3317 0250d4eb5724b38ecb8f16e5ea571cce6b192b04 4b77972fc8b4afea3b15a7fe4fed727fc80a5253ff8b04ec09082e2f6e5248e5 Loading...

	rcu6.com/index_files/postToServer.min.html	21 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/postToServer.min.html IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:54 Times Seen4 Hash c085cf73585c899d85a8653134613840 009b32136dac55f29f950cbae540a73d0ba4bf97 e5127d3ed0290f036795e20be1aa49369c0875d4b869f59573a4c20687cd17d7 Loading...

	huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js	7.6 kB	2023-03-07	2023-04-13
Pretty URL huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js IP 52.177.241.160 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-04-13 23:00:32 Times Seen2 Hash 6904d7c5c142b5f9a02e58e1a1417087 500042b9f8aa2c337fdcfa34862070770a181556 e762c7b3f6e4d3d97cfe0ade7dcb8b91c9ff85f57f9e7885fa42626c71c7b092 Loading...

	www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c	183 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-391028924&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-03-08 20:34:30 Times Seen1 Hash 5a9b926078899ed79e8c947345d5d7cc 730e12572141fa5f5a372add2aa03ded0b0d57db 3d696eb25e387f23cb51768db2fef5e0a23ed96a015577337bcc418307bd5ead Loading...

	s.yimg.com/wi/ytc.js	17 kB	2023-03-07	2024-03-04
Pretty URL s.yimg.com/wi/ytc.js IP 87.248.119.251 ASN #203220 Yahoo! UK Services Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:36 Last Seen2024-03-04 14:29:23 Times Seen1244 Hash 6a624022b5d271dcefb070b0b6670abc e9a0a059a5cefc0cd9e6cc0e8d7bd8d64c23936b 249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670373565905&cv=11&fst=1670373565905&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670373565905&cv=11&fst=1670373565905&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-03-08 20:34:30 Times Seen1 Hash 1944b2a4fa1aede444e4e4896d4a4a05 bbca9c912d23541c5f1a349b3b6faef535d56095 9fedeed0893198e2fc8ae5c4602699ae2a136b1554124c7eb374cb50e3411309 Loading...

	rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download	131 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-11-11 14:02:56 Times Seen5 Hash 3816175f699c173db124bfac88c03e79 7f047ce4d00051ac09a9541751ea2a987be10c35 c4903955d0c09bf6f21be1870c3bf07b95b3d8fac208f7d363af0c18cd881fed Loading...

	rcu6.com/index_files/oo_engine.min.js.download	46 kB	2023-03-07	2024-04-08
Pretty URL rcu6.com/index_files/oo_engine.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:57 Times Seen402 Hash 3023bde795e4926691e3691ace0d9356 053c86b53ec7bca624cffc3f6321697d35a1c5d5 1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5 Loading...

	www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c	138 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=AW-786635084&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-03-08 20:34:30 Times Seen1 Hash 7d1ac37a0bffde4d9dcec748ea55c657 b04bd2a9f5522fee55266a3d8d0e5ea359316c35 1f2a44c19b330dacca08b5ed2eb8bee6e349bac0b8504c0c70c844e7ce194d55 Loading...

	huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js	5.1 kB	2023-03-08	2023-03-09
Pretty URL huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js IP 52.177.241.160 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-03-09 02:16:59 Times Seen1 Hash 609fbd6bc0fe3ebbbdb1ce590758d2d3 b731b656d04768b94532edaf1dc67038a3fa583e da65d01dbbfda64a874f36dcc9c6ac3e1a053a21abe17aa0570c74367d615338 Loading...

	rcu6.com/index_files/insight.min.js.download	3.6 kB	2023-03-08	2024-04-04
Pretty URL rcu6.com/index_files/insight.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2024-04-04 05:53:28 Times Seen29 Hash b51baa8e9e038597c2cbf9049c3270c6 10d9ab6b0c3fdb3fba54fa31ad200d8423366d1b 41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0 Loading...

	rcu6.com/index_files/fbevents.js.download	204 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/fbevents.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen5 Hash 2e6a0f2c1545e64393f7714486098269 af19ec943dd0b37503344450fe9a3c7d6adf4ccf 2f220735682253606c6f4b885706516109a48fbd522f9928c717ae7864f0ae8e Loading...

	rcu6.com/index_files/ytc.js.download	14 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/ytc.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen5 Hash 262ad28777cd04301eaf1ed832269103 011e8f00197647efcc835622a0b327e6e7b07b07 5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 07:23:07 Times Seen37114017 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	rcu6.com/email-account.php	962 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/email-account.php IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen14 Hash 77d0938da96815782fe5ea7b037129d3 0798a7f4f0ab7c834499c69fcddc6e1ffc9d6637 97ac02eff2faf4bbfcfd9bc16f4f3b1c5836df34babfb45aef33a7a7bec8d177 Loading...

	ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=8.31966788978267&ClientID=1035&PageID=https%3A%2F%2Frcu6.com%2Femail-account.php	319 B	2023-03-08	2023-03-08
Pretty URL ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=8.31966788978267&ClientID=1035&PageID=https%3A%2F%2Frcu6.com%2Femail-account.php IP 63.34.68.24 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-03-08 20:34:30 Times Seen1 Hash 4e1388f11891aab99640c91740a31452 1f7b16cf523c49887003ad94a53aa9577beec2be dc1f2eac7b0a3ff560c17df114632fa22aacc856800bba8a9a6127762aed7c43 Loading...

	media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020	995 kB	2023-03-07	2023-03-14
Pretty URL media-lax1.inq.com/media/launch/tcFramework.min.js?codeVersion=1587584821020 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-03-14 12:59:02 Times Seen1 Hash f8cc5943bc579ac1ae0450640646dd23 85260ec2515e77f1ed2638ec92013c1fb2e551d7 78916d3ad4fa6ee9caa53b747b43715fbc17836bfcede24ad62fc33b0b36f5ef Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670373565860&cv=11&fst=1670373565860&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670373565860&cv=11&fst=1670373565860&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-03-08 20:34:30 Times Seen1 Hash 5a2cd249b608979029b77d4c84442950 b05f8148e31a05c3d25925fee72d454757a0f5e2 f863ab732d4495d0faa1bb52d228d2ae756793a3573704c0d318f683d3d4da41 Loading...

	connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable	300 kB	2023-03-08	2023-03-11
Pretty URL connect.facebook.net/signals/config/5140493269326436?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:13:35 Last Seen2023-03-11 21:45:29 Times Seen1 Hash 3ed87255a9f61c2562264cd9eb2078b3 e3917251453733e60075d612e8aa66b096347a78 61b3a499287fa65375647fa02435307bc45451130d64e63ca7123e521f03d1a8 Loading...

	rcu6.com/index_files/bat.js.download	25 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/bat.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen5 Hash ad2da5f478b3ca25fc283c8039946a04 9dabae74978709f503e77ef81fbc8cfd367b8f25 079e218ad07f42523479d475b4973a6e386ba95209ee964c04c1a6eb6186bda3 Loading...

	rcu6.com/index_files/site-survey.min.js.download	7.5 kB	2023-03-07	2024-04-08
Pretty URL rcu6.com/index_files/site-survey.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:24 Last Seen2024-04-08 20:09:58 Times Seen286 Hash 374ca92abaa98bc7b2f19fe64114a18b 4c0a1441026a9337d322d7ae5536df1427e5c140 7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806 Loading...

	rcu6.com/index_files/outdated.min.js.download	1.1 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/outdated.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen5 Hash c4ad5eca721cb2b662e55dc580893018 ed014d7db09aa41b8ff65728557436519e3a8aed 680fdb61543dbbef02c4f988dcf5c5960fc9506f5cb1a3097737a2f0ea980e32 Loading...

	ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774	145 kB	2023-03-08	2023-09-14
Pretty URL ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 IP 63.34.68.24 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:59 Times Seen150 Hash 5828bc2a2ceaa2961527eedaf4167b77 166d54624e012273fa58054d82c8148435c6f51f d8b4316c52fee0d44615da1b505f567a8b0e62a3db556fa55320e8e7be025c28 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-08	2023-03-12
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:40 Last Seen2023-03-12 12:54:15 Times Seen1 Hash 795b6295a518e0a829d7b29695163231 9cada4433e63280a008cbb0a2a0bdb5af5e57206 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 157.240.200.14 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670373565883&cv=11&fst=1670373565883&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4	2.0 kB	2023-03-08	2023-03-08
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670373565883&cv=11&fst=1670373565883&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4 IP 142.250.74.130 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-03-08 20:34:30 Times Seen1 Hash d1b02e24beb2252c3078bdeeed6e0b97 a959f19382bddb58c909880902ad5780a1e5bc34 7501afb7d5a6a55ccfdb2d8e991eb3be4c73ff1e16baf20fd2796c79115e2469 Loading...

	rcu6.com/index_files/inqChatLaunch10006663.js.download	23 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/inqChatLaunch10006663.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen13 Hash fc28fe7671857c8fc6af5c725b6efa65 2602647796aa238b5a5f145e0f6892c2bad94e84 86598506c865db230133e34b3dc2d011e7877925d0a0b91389cddc518a166828 Loading...

	rcu6.com/index_files/dest5.html	6.7 kB	2023-03-07	2024-03-23
Pretty URL rcu6.com/index_files/dest5.html IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:36 Last Seen2024-03-23 05:26:10 Times Seen1169 Hash bea2f42512935b636558e81988e2d51f 2c9772b62f6eb8a3cec9c3a6fb9c0b22c927e59d 0cc5ff21c24654308609656ebcfda2d792d15f6fda17c0a88b551fcf8e456fdb Loading...

	rcu6.com/index_files/toolkit.min.js.download	448 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/toolkit.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-11-11 14:02:56 Times Seen4 Hash 1bcb85c6a5c78b6239acb258e731633d 3e8be4806f87db8154af5c41dbe9d063795549e7 21ecdb4388de76fa687acc9d73abe881731649cbbb1ff552988a810520093acb Loading...

	rcu6.com/index_files/chat-fab.js.download	20 kB	2023-03-07	2024-04-06
Pretty URL rcu6.com/index_files/chat-fab.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2024-04-06 05:55:00 Times Seen247 Hash 2fb85e01b38ec473bd67a3ec442d9486 c3c6b95da9c8242f31cd0f3eb1399ca789f47ff7 bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e Loading...

	rcu6.com/email-account.php	146 B	2023-03-08	2023-11-23
Pretty URL rcu6.com/email-account.php IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-23 02:06:21 Times Seen14 Hash 4a7e15e261408d827197577b1747386e 1480fff1e160c567a9e06c781428cdd108916af9 38e339b1ebb43ce74fc52054456dacd2e38249d4d263aa60bb8ff854699c9b52 Loading...

	www.googletagmanager.com/gtag/js?id=DC-10701487	113 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=DC-10701487 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:34:30 Last Seen2023-03-08 20:34:30 Times Seen1 Hash c60782a451cb643276c609443e9972ad 206432de0020be7a0294c9ef0e3c94fd563e0da2 96219d574f653e8e79126c663305b522ee8aea526d95d9f57013d2851e8ab1fe Loading...

	cdn.clinch.co/a_js/client_pixels/clq/script.min.js	15 kB	2023-03-08	2023-09-14
Pretty URL cdn.clinch.co/a_js/client_pixels/clq/script.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:06:56 Last Seen2023-09-14 03:55:58 Times Seen111 Hash c12dd0f8c53c6d8f8a5c845a2f892307 5e880be41d047f1b7754e93e8a44347d28482702 b4006b2b20c4ba8ac04ddd00bb13dc8fe178503b89b31481e4b43243795bcb7b Loading...

	rcu6.com/index_files/vtt.global.min.js.download	21 kB	2023-03-07	2024-03-21
Pretty URL rcu6.com/index_files/vtt.global.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:21 Last Seen2024-03-21 22:59:09 Times Seen552 Hash f30dac97e5c2aaa10a7695b93cc66699 50c71ce19b49160495729339b0f15246120864b6 aa706c43e8733a58224f514db36f253bed4ea01f56a90b66916c4aa6a656ec2d Loading...

	rcu6.com/index_files/site_10006663_default.js.download	47 kB	2023-03-08	2023-11-11
Pretty URL rcu6.com/index_files/site_10006663_default.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:56 Times Seen9 Hash bca24f1cd01f6281d6996ab7b9ccdfbe a08946199e8080b84a5f204323687a93cb416ee1 fe650baa63a09a5aa5b59475f20f6efd77aa359947779e5ec6f9ea9a3f0d4b3a Loading...

	rcu6.com/index_files/tcFramework.min.js.download	537 kB	2023-03-07	2023-11-11
Pretty URL rcu6.com/index_files/tcFramework.min.js.download IP 45.133.200.3 ASN #200313 WEB_GroupInternet INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:56 Times Seen8 Hash dcb2a9d7c24522e9d82d018e7649f10c 5f2a33d0ace4d7231a7390e3070b4304796a5efb d6ce17127f0cc7ac0308fb593076997b7ab2cfe1c8bf4ab6f871ff3d15ce7c7e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 02ca0a2b7dfe6ef50e45811e6139a0aa	30 kB	2023-03-08	2023-11-11
Pretty Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:55 Times Seen5 Hash 02ca0a2b7dfe6ef50e45811e6139a0aa 9ef378dd36388f1c5d527e4115a9ee804509824a 400dc27c5435c3ac3a33555c05ac84a993101f38b3c96ae17547026c1358152c Loading...

	#2 Eval - f235f34bea1f47d8e0018be4d63b325e	16 kB	2023-03-08	2023-11-11
Pretty Observations First Seen2023-03-08 20:28:39 Last Seen2023-11-11 14:02:55 Times Seen5 Hash f235f34bea1f47d8e0018be4d63b325e b1835f5dc561a4c105bee05e6baa185a026c4828 44e8e2163cdbde2338d98ff05168f6c7f5d14796b2f8c39e94715fa766300dee Loading...

	#3 Eval - f0bcb6054760742619dd8232ef3c0a10	15 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash f0bcb6054760742619dd8232ef3c0a10 5a6da0191a9465a2060a531f8670dba8ec1de60b a86a4ccc459fd4c19c3bc96fc9d54597c33198af95ec665dfb7e729c53ba3c2e Loading...

	#4 Eval - 4edafc01dee4d31d150f7eef22cde69b	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 4edafc01dee4d31d150f7eef22cde69b 4e2cd90a697c35a575ce06ca65884193602962a0 a9a4ed8860c1ea2527c90e6bd39985850fd4a2627faad24560b2f3d877ea08d8 Loading...

	#5 Eval - 7e39ed720ec93e5fad95e53d0dcdfaa1	18 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 7e39ed720ec93e5fad95e53d0dcdfaa1 d1e532e06d343982612146fe96f2ed1023d547fa f152bee9780f82664f1561f59d4cfb7a8aa6490e08066899276dda831b3f3b53 Loading...

	#6 Eval - 662e2bc9ea40f7815fc14ec2384c8151	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 662e2bc9ea40f7815fc14ec2384c8151 85490b4fc3e79b718bee28aad635cdbf0a709ca6 3d151b0dcd0bd79e4e6a5ae0535d85337c94a8f5c9447fb13974d4f75e5ca361 Loading...

	#7 Eval - 561c579b1c992ddb6df4c14838c2f30c	22 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 561c579b1c992ddb6df4c14838c2f30c 76b6af2bdf3d11eb093a8d14bd665ba4f38638d9 594d5abbc9f4e285b8be7425b07db97f9c6306c800d8072081a003080ebd429f Loading...

	#8 Eval - 2ee58accb196af11debb695dc1b27a4d	20 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2ee58accb196af11debb695dc1b27a4d 683d57f49ae989c9bd8d09f9e6ca1c483010cc61 1ad74da51608a5830dc65b73a416e1182289e1e46f653e798c02b22f53d09e11 Loading...

	#9 Eval - 2a8c58d31bff121aa3907026a152d737	28 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 2a8c58d31bff121aa3907026a152d737 dcaa941e42ee5547ee017d615d309e59b1b57947 8a96d5c96f7c639f2c3d3fb2f4dc0da580f54d5e191f4674380da731e871bf1b Loading...

	#10 Eval - 16434cb1948736e604365f82624577ee	23 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash 16434cb1948736e604365f82624577ee 3bf3a89283ad989c0486bd7d04215d7adbdab884 ff00ecc4d338e97894d9afc638f3184b3ecab052c80d6b3377fbabe6afe3d71f Loading...

	#11 Eval - cf868d8d47b14a245d9dd5763458f791	21 B	2023-03-07	2023-11-11
Pretty Observations First Seen2023-03-07 14:50:00 Last Seen2023-11-11 14:02:55 Times Seen6 Hash cf868d8d47b14a245d9dd5763458f791 41f2d7008670a86e5fba13ce3d67231b3fb55cfc 92b445b1a5af92ca2a9349d1a8237ad3cdb081b4d6388a7e99f35593c23be6bb Loading...

HTTP Transactions (173)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12640
Expires: Wed, 07 Dec 2022 04:10:03 GMT
Date: Wed, 07 Dec 2022 00:39:23 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4027
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:23 GMT
Last-Modified: Tue, 06 Dec 2022 23:32:16 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2420
Expires: Wed, 07 Dec 2022 01:19:43 GMT
Date: Wed, 07 Dec 2022 00:39:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 00:18:42 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1241
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: olW577fDk2P2jwanF9EN20/cZazGwoWWk6sw27jamPy+vUrgBtrrl7xycJELqdbqBK7kwUGgSyU=
x-amz-request-id: SC929HZZAR4VENJK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 23:47:17 GMT
age: 3126
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
20212e31e67f2ed05225911321b6911b
ebf5aad93eb17174b13aa190f79bba22ac57b255
55335b7898e0cf9181a649c82ce797f132c9fe3cd0f56155427eeb9083af3851

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55335B7898E0CF9181A649C82CE797F132C9FE3CD0F56155427EEB9083AF3851"
Last-Modified: Tue, 06 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Dec 2022 06:39:23 GMT
Date: Wed, 07 Dec 2022 00:39:23 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

rcu6.com/index_files/oo_icon_retina_black.gif

45.133.200.3

200 OK

552 B

URL HTTP/2
rcu6.com/index_files/oo_icon_retina_black.gif
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 18 x 18\012- data
Size
552 B (552 bytes)
Hash
0f74fe3f4f85d3c7f096f2416efa893a
bffedd9c6e9b04c0e6f7f77bd689013de5e8d01e
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/oo_icon_retina_black.gif HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/gif
content-length: 552
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/hero-mobile-woman-standing.jpg

45.133.200.3

200 OK

34 kB

URL HTTP/2
rcu6.com/index_files/hero-mobile-woman-standing.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 736x480, components 3\012- data
Size
34 kB (34344 bytes)
Hash
097569ac7ca97d9d6538a35d6ab28927
c39c33070b20c2f7d92866e4e915e65944d62766
330892c01cfa66bf7c89a67960cdb733ea6fe00cce8e5cd05df1f54ca5fe3f65

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/hero-mobile-woman-standing.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 34344
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/icon_ENERGY_RGB_Location.png

45.133.200.3

200 OK

7.5 kB

URL HTTP/2
rcu6.com/index_files/icon_ENERGY_RGB_Location.png
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
PNG image data, 300 x 216, 8-bit/color RGBA, non-interlaced\012- data
Size
7.5 kB (7543 bytes)
Hash
a58a87032c6c7175484ded7dcc54917e
6e00910f7b8d37f45918a7f20d5384e2e3ac363a
e4190662de958e1a2c8377c7ff106609da73fc394c8991ebd9ab81368e129b9c

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_ENERGY_RGB_Location.png HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/png
content-length: 7543
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/v-mobile-white-glasses-grn.jpg

45.133.200.3

200 OK

34 kB

URL HTTP/2
rcu6.com/index_files/v-mobile-white-glasses-grn.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, baseline, precision 8, 736x480, components 3\012- data
Size
34 kB (33545 bytes)
Hash
a0d1664331d8eb21ff5dee44dfa8f50e
6fe36cc3bb0fb70a92a0285a1b82b26d838f5371
2bb709222096c8b6748a66c23e1ba6fc88c0d1520425b0c7982b24be1eecada5

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-mobile-white-glasses-grn.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 33545
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/icon_arrow-simple-right-lightgreen.svg

45.133.200.3

200 OK

236 B

URL HTTP/2
rcu6.com/index_files/icon_arrow-simple-right-lightgreen.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
236 B (236 bytes)
Hash
ef60e363ad319ed80a9726e47dfb7fde
bdfd20cdabe3b80ebdf6f38528ea696af6ef9ee7
5c4c8971c0dbcb22c58ef1601a338af72af941e616da0b51a551a102582094ca

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-right-lightgreen.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/svg+xml
content-length: 236
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/icon_arrow-simple-right-green.svg

45.133.200.3

200 OK

236 B

URL HTTP/2
rcu6.com/index_files/icon_arrow-simple-right-green.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
236 B (236 bytes)
Hash
c15fb067b96520fab546ea19cbdec4cf
6e12531154a8eae1ffd69a304adef6e36b7f7395
c02e4c11a4c75d01c124759b5c9e9ea61ab52faca11dacd13fd4f36b111c61d9

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-right-green.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/svg+xml
content-length: 236
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/v-mobile-business-woman-standing.jpg

45.133.200.3

200 OK

26 kB

URL HTTP/2
rcu6.com/index_files/v-mobile-business-woman-standing.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 736x480, components 3\012- data
Size
26 kB (25812 bytes)
Hash
b8c9c25b56c5bc795c02895e55d00ab9
c9e7f5f939525f6dd6ae7abae39d5cb7b6eb40fe
13f5b82be3a4369ef637e7963b1b62af963de2e9087a6767df07c18356fc0d66

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-mobile-business-woman-standing.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 25812
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/jd-power-award-2019-mobile-online.png

45.133.200.3

200 OK

64 kB

URL HTTP/2
rcu6.com/index_files/jd-power-award-2019-mobile-online.png
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
PNG image data, 406 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
64 kB (64084 bytes)
Hash
8d223f884315d4a6cbe5ec5ae6e5d56c
e69f13b1a66d9bda11112758a50d2cd666a9624d
2f1795a79395cc96ae535538ae9dcd826f83e2f8b6d998dab5d122f5ec1594b5

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/jd-power-award-2019-mobile-online.png HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/png
content-length: 64084
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/icon_arrow-simple-down-green.svg

45.133.200.3

200 OK

251 B

URL HTTP/2
rcu6.com/index_files/icon_arrow-simple-down-green.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
251 B (251 bytes)
Hash
f8c517c8e11bb3b923c3b40d5a97a558
aec1f36fbbce0c666d22e3111dc8cea51cd66d8a
205542c1a66e2af533470d79ab37d6dcceb6e62b3b0ed44dd28a185a009fa64f

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/icon_arrow-simple-down-green.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/svg+xml
content-length: 251
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/west-broad-elementary-kids.jpg

45.133.200.3

200 OK

32 kB

URL HTTP/2
rcu6.com/index_files/west-broad-elementary-kids.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x308, components 3\012- data
Size
32 kB (32055 bytes)
Hash
dc55374efaafedc5193b9f4c57e8f1a1
3dd9bd8ce4d6ef2eb8cd882ed580d57fc6991393
0dab592cbf8f71bce76059647380cb6e82ecb8c96b0e2d45c271563af101da3f

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/west-broad-elementary-kids.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 32055
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/5151e22e

45.133.200.3

200 OK

33 kB

URL HTTP/2
rcu6.com/index_files/5151e22e
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19024)
Size
33 kB (32829 bytes)
Hash
0efa0e41898f378d45b2e935e65175ce
8c4205a8e2286045d4d6af9403025b658c538e1a
1d4cab71cdc96860f4a8e41483bba4d5ec05b02a68244c77750207d799210fcf

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/5151e22e HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-length: 32829
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/columbus-urban-league.jpg

45.133.200.3

200 OK

38 kB

URL HTTP/2
rcu6.com/index_files/columbus-urban-league.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.00, resolution (DPI), density 120x120, segment length 16, comment: "LEAD Technologies Inc. V1.01", baseline, precision 8, 548x309, components 3\012- data
Size
38 kB (38135 bytes)
Hash
c387f7385b09799a1ed335ea997d838f
ef5c0a09094bcc0184b3445846146bfd844a880f
8dd84ba8c46c05c00cc9ee5ca020b95f976a0087cc3a70253bf3ff561ea66c3a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/columbus-urban-league.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 38135
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/pelotonia-riders.jpg

45.133.200.3

200 OK

83 kB

URL HTTP/2
rcu6.com/index_files/pelotonia-riders.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 675x379, components 3\012- data
Size
83 kB (82993 bytes)
Hash
d0a3a0ddf6579ddb74b4aabe794c7273
a1402b31d2070f37f63b6b2ee9dd778683f38990
0fe72bc26a43b42874029da0f84022b13dc1c61915ed121ab03b6b3e0fa5b690

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/pelotonia-riders.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 82993
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/v-desktop-privatebank-man-on-chair.jpg

45.133.200.3

200 OK

151 kB

URL HTTP/2
rcu6.com/index_files/v-desktop-privatebank-man-on-chair.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1400x801, components 3\012- data
Size
151 kB (151142 bytes)
Hash
81deb151736e7ae75ea57e2085465344
04b2e330b890ad5eb654f50935ebeb2fba9e4f46
5964da57696a9334edd52b5b0d89c3489323d3174a716b1601c74afa042cd1ed

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/v-desktop-privatebank-man-on-chair.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 151142
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/CML-hero-NEW-mobile.jpg

45.133.200.3

200 OK

173 kB

URL HTTP/2
rcu6.com/index_files/CML-hero-NEW-mobile.jpg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=725, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1400], progressive, precision 8, 1400x725, components 3\012- data
Size
173 kB (172824 bytes)
Hash
91f8937c5225b661b1e8fa0c5a0906ac
4c507a0f9431e566dcb6a287d61e50870b99e2af
00fb13972a54aee58558dd11a63c70737a3462decfaa67606684f694b45b44da

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/CML-hero-NEW-mobile.jpg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/jpeg
content-length: 172824
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/121543311796381

45.133.200.3

200 OK

178 kB

URL HTTP/2
rcu6.com/index_files/121543311796381
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (41803)
Size
178 kB (178273 bytes)
Hash
a28eb712d6abf02852b73bbc0e4de34e
0b8c16f5f897f6c3ba7eae1f928db367ba280ed0
141ec5a33333716da61e6fa018e79fa369dc409a362d678a8b832a24ae3275d9

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/121543311796381 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-length: 178273
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 00:08:58 GMT
cache-control: public,max-age=3600
age: 1826
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/2
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-length: 66005
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/0(1)

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/0(1)
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/0(1) HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-length: 0
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/sp.pl(1).download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/sp.pl(1).download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl(1).download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-length: 0
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/js

45.133.200.3

200 OK

82 kB

URL HTTP/2
rcu6.com/index_files/js
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1571)
Size
82 kB (81640 bytes)
Hash
0e1b94c35c3e58f7059b59118be1c387
06ba4e408df4181416c1e5a7844411cbd7bc02a3
d5cbc3f2b867dbae56c27bf27417de0d73bba4a578d98d568c43ef92f7bad4b8

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/js HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-length: 81640
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/sp.pl.download

45.133.200.3

500 Internal Server Error

662 B

URL HTTP/2
rcu6.com/index_files/sp.pl.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
662 B (662 bytes)
Hash
40f86d54cd7619752be6acca297bed90
240ba6fb3b28037daa0cd65ed2f84d359b9d9f73
eae6939a2208653cef791a2da52efc6cc46c7df04076fafba5d6f9b266554ef1

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 662
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4027
Cache-Control: max-age=120873
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:24 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 10:13:57 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

rcu6.com/index_files/5151e22e

45.133.200.3

200 OK

33 kB

URL HTTP/2
rcu6.com/index_files/5151e22e
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (19024)
Size
33 kB (32829 bytes)
Hash
0efa0e41898f378d45b2e935e65175ce
8c4205a8e2286045d4d6af9403025b658c538e1a
1d4cab71cdc96860f4a8e41483bba4d5ec05b02a68244c77750207d799210fcf

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/5151e22e HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-length: 32829
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

54.148.77.40

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.77.40:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vsrbiyTXiJMiDLu1RJe+Eg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f//E9gReBQU/MCXFdxOAQFm6Tq4=

rcu6.com/index_files/logo-honeycomb.svg

45.133.200.3

200 OK

906 B

URL HTTP/2
rcu6.com/index_files/logo-honeycomb.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
906 B (906 bytes)
Hash
40c3559fe237e23008d4d054cae3113a
7a83a93633150dcff5cf1cb2d07c93289e624c57
535ce11af8746d3a0ffac5818f13af4f6a3ad1979d18df1bdc337f7d7c2dabfe

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/logo-honeycomb.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/js

45.133.200.3

200 OK

66 kB

URL HTTP/2
rcu6.com/index_files/js
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (1571)
Size
66 kB (66007 bytes)
Hash
c7640eb332eddb8b3fb21b1516a394be
284a8cf904d6f83df8dc8595ebe8789c924f32c2
9bc467d572a4c72813b532005936a7727b254879a7c86262a1b41b104c7c6cac

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/js HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-length: 81640
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/f(2).txt

45.133.200.3

200 OK

1.5 kB

URL HTTP/2
rcu6.com/index_files/f(2).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
1.5 kB (1532 bytes)
Hash
3f2693d8ed1460eebb63dec6843d0fe8
89152b979948179c8c2ebb4600bf01ff5ca9e93d
ead7dacce520dab9aa6a850336228eeb07cf55359e9a58bd73b8fa0483d3d25d

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(2).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/plain
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download

45.133.200.3

200 OK

30 kB

URL HTTP/2
rcu6.com/index_files/82154ef468aff3ad267e57006a5dd605.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
30 kB (29903 bytes)
Hash
004521ea26954abe6f74abda7911e170
81d1676e88abd03110c96045bc1aa5db645f99be
1f73755dde02ed20dbedb8a9f747d80e47359ce129c02684a621be830e7ecd9f

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/82154ef468aff3ad267e57006a5dd605.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2

104.84.152.187

200 OK

19 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 18636, version 1.131\012- data
Size
19 kB (18636 bytes)
Hash
6bcfcbed1f0aa26a245423d2e4bcde4f
d17df2ba457e3009ee38db903b88671885c3984e
9a5b0c5eba9dfa18bae071303b7cd96ef716a5bb6d8dcf39dd53a6e931dc6b22

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-MediumCaps.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rcu6.com
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 18636
content-type: application/font-woff2
etag: "0f59ebaf2e3d81:0:dtagent10243220606153550xoQJ"
last-modified: Wed, 19 Oct 2022 19:41:05 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-591602681"
x-ua-compatible: IE=edge
cache-control: public, max-age=1665286
expires: Mon, 26 Dec 2022 07:14:10 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2

104.84.152.187

200 OK

20 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Medium.woff2
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19976, version 1.131\012- data
Size
20 kB (19976 bytes)
Hash
3a077fd2bd5357dd3e08636baa59af5b
266784e6eb28365e3779a398e462193572b0278a
04de03ec90e95f24e347dc8ff91e6354eb0a73288e1431003e9e10de59e12d1d

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rcu6.com
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 19976
content-type: application/font-woff2
etag: "01efff054ccd81:0:dtagent10243220606153550wO3Q"
last-modified: Mon, 19 Sep 2022 18:23:39 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1522232364"
x-ua-compatible: IE=edge
cache-control: public, max-age=1358060
expires: Thu, 22 Dec 2022 17:53:44 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2

104.84.152.187

200 OK

21 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Book.woff2
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 20592, version 1.66\012- data
Size
21 kB (20592 bytes)
Hash
a075767d12a8cc86d52367ef3aacec11
9aef8898e7a319ee5cbe08c5b0cec63512561d7d
e744a36d486c70943378751b1d1623c2c8f25ee10abd89365ff20162d98dd555

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rcu6.com
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 20592
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-397965887", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=2075021
expires: Sat, 31 Dec 2022 01:03:05 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2

104.84.152.187

200 OK

20 kB

URL HTTP/2
www.huntington.com/Presentation/fonts/HuntingtonApexWeb-Bold.woff2
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 19712, version 1.66\012- data
Size
20 kB (19712 bytes)
Hash
ee5e65624970575e475f375b29b0b22b
6e622749b6f7092e825eb7ed90b74c3d70fa43b9
deb1a78860a2c7ab88ddaa4a522a47ad93e26f1cc1bdd1425d108f770ce93215

HTTP Headers

GET /Presentation/fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rcu6.com
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-length: 19712
content-type: application/font-woff2
etag: "09cbc8223f9d81:0:dtagent10249220905100923HoHr"
last-modified: Tue, 15 Nov 2022 18:53:11 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
access-control-allow-origin: *
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
timing-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1293310310", dtTao;desc="1"
x-ua-compatible: IE=edge
cache-control: public, max-age=1172727
expires: Tue, 20 Dec 2022 14:24:51 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/2
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-length: 66005
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-700.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/muli-v11-latin-700.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-700.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Medium.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/HuntingtonApexWeb-Medium.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Medium.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-300.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/muli-v11-latin-300.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-300.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Book.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/HuntingtonApexWeb-Book.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Book.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Bold.woff2

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/HuntingtonApexWeb-Bold.woff2
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Bold.woff2 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/index_files/vtt.global.min.js.download

45.133.200.3

200 OK

7.6 kB

URL HTTP/2
rcu6.com/index_files/vtt.global.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
7.6 kB (7560 bytes)
Hash
e2c9511df5f04fe52836c5fe390bea62
a27ca2cbad48a9c09ed69ea8ad7bafd0993fe269
4ee4f29df7d8dbbf27119edb3c8e542c0c971efd31a13280ee64bce17b626f63

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/vtt.global.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA

104.84.152.187

200 OK

5.7 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.7 kB (5672 bytes)
Hash
8976af11a2fb4ffb56c2de37d1501a5c
9131cc4c70a5f09777eca0163cfe001841f121ab
27f5c7ecff862d66273a687cd0193b65d06cc3ab748d76e885ae39b295df9d06

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern-small-top.png?rev=f9b4b1a3499b453c80177a819db84182&h=304&w=860&la=en&hash=4FC2E701A91D28132D87C5378FDA60FA HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: d2a2c6d72c0a4a7883edfc4fc924ad35
last-modified: Wed, 08 Jun 2022 20:23:36 GMT
server: Akamai Image Manager
content-length: 5672
content-type: image/webp
cache-control: private, no-transform, max-age=198457
expires: Fri, 09 Dec 2022 07:47:01 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157

104.84.152.187

200 OK

1.7 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 814 x 74, 8-bit colormap, non-interlaced\012- data
Size
1.7 kB (1709 bytes)
Hash
e275909623f8a06dea733b9f50d68189
ee712255204c913c4adb9a2a9cd0f9ba9971ea8c
11c468e07fa0178954d85e2789a16c1c3d4d1b55ab5ca9f86f9f6512d1136b93

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern-small-bot.png?rev=7ddd0b462b0949b3b43ab9cbe6111cd7&h=74&w=814&la=en&hash=8135CC9BB731030973D2853C3D715157 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 76a4f8542fb0448e94b8414051022b40
last-modified: Wed, 08 Jun 2022 21:50:39 GMT
server: Akamai Image Manager
x-serial: 1345
x-check-cacheable: YES
content-length: 1709
content-type: image/png
cache-control: private, no-transform, max-age=200896
expires: Fri, 09 Dec 2022 08:27:40 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be

104.84.152.187

200 OK

400 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
400 B (400 bytes)
Hash
9c75d30bead00eb80005940547a8a8bb
948e77324d5a0f9709bddb0b1438cd7a271337e8
8781a8a5abfa3b4adbfbe3a8b3028d7f6516b65432cebd89a51cf655a360d441

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_arrow-right.svg?rev=4d327dc783dc41b3aa3242850fc405be HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-length: 400
content-type: image/svg+xml
etag: fa17d379df254ed5a6f66038800ebf7d
last-modified: Wed, 05 Jun 2019 17:54:26 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_arrow-right.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="384403170"
x-ua-compatible: IE=edge
cache-control: public, max-age=1270045
expires: Wed, 21 Dec 2022 17:26:49 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0

104.84.152.187

200 OK

1.4 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2831), with CRLF line terminators
Size
1.4 kB (1384 bytes)
Hash
1ac44f61f40159cf891a29575701fa00
7b0aecb51d7c565310e39c1946704aec22748d37
36a47ff572326ab045f24fbb8fa2d835e093fee269316de3446272248d2f5a04

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_money.svg?rev=00af80dda3084648b98ead158ac045c0 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: d3efa4d87fc24098b87f344a935558be
last-modified: Wed, 05 Jun 2019 17:56:55 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_money.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1706713405"
x-ua-compatible: IE=edge
content-length: 1384
cache-control: public, max-age=2341469
expires: Tue, 03 Jan 2023 03:03:53 GMT
date: Wed, 07 Dec 2022 00:39:24 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/index_files/EHL_Black_HouseOnly.svg

45.133.200.3

200 OK

15 kB

URL HTTP/2
rcu6.com/index_files/EHL_Black_HouseOnly.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
15 kB (14770 bytes)
Hash
a0b1347bec7715c80f568bab0a569346
ebd2839dcdfad325bd95f248c11e25d7bfc35c9c
96b7fe2ea29ac4e4515b4f02c26d126e50d32577280fbe7b595b44a833a15656

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/EHL_Black_HouseOnly.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/sp.pl.download

45.133.200.3

500 Internal Server Error

662 B

URL HTTP/2
rcu6.com/index_files/sp.pl.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
662 B (662 bytes)
Hash
40f86d54cd7619752be6acca297bed90
240ba6fb3b28037daa0cd65ed2f84d359b9d9f73
eae6939a2208653cef791a2da52efc6cc46c7df04076fafba5d6f9b266554ef1

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/sp.pl.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 500 Internal Server Error
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=iso-8859-1
content-length: 662
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-700.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/muli-v11-latin-700.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-700.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12

104.84.152.187

200 OK

1.1 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (3770), with CRLF line terminators
Size
1.1 kB (1139 bytes)
Hash
1a230e5e8908d4ec9bd6bd525095ed31
5f49b0c7686d56b6371e69ad9e8908240de0f345
bc023d7b3178af0a08eb58d08801599665c12f6fb08faf31c843633728cd6d52

HTTP Headers

GET /-/media/hcom/Redesign/Icons/HNB_icon_DARK_RGB_34x34_Corporate.svg?rev=fb65e7ff1087421990aef12976e0ce12 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: 53a09414b63d41d48397fd1719ed6944
last-modified: Wed, 15 Apr 2020 14:40:36 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="HNB_icon_DARK_RGB_34x34_Corporate.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-660840837"
x-ua-compatible: IE=edge
content-length: 1139
cache-control: public, max-age=1309633
expires: Thu, 22 Dec 2022 04:26:38 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Medium.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/HuntingtonApexWeb-Medium.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Medium.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-300.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/muli-v11-latin-300.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-300.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Book.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/HuntingtonApexWeb-Book.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Book.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/HuntingtonApexWeb-Bold.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/HuntingtonApexWeb-Bold.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/HuntingtonApexWeb-Bold.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/fonts/muli-v11-latin-600.woff

45.133.200.3

404 Not Found

315 B

URL HTTP/2
rcu6.com/fonts/muli-v11-latin-600.woff
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
315 B (315 bytes)
Hash
a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /fonts/muli-v11-latin-600.woff HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rcu6.com/index_files/toolkit.min.css
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/html; charset=iso-8859-1
content-length: 315
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1

104.84.152.187

200 OK

1.2 kB

URL HTTP/2
www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4339)
Size
1.2 kB (1249 bytes)
Hash
19ac7c952619cab53123eee38648d8bd
47e839324893deeef4e9f6b46dff135e1542dc9a
1a8ffa5f523a7a462b51616592473a2799bb0d687c1391d7d2ba3e5a58f95d78

HTTP Headers

GET /Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css
etag: "01efff054ccd81:0"
last-modified: Mon, 19 Sep 2022 18:23:40 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-943239442"
x-ua-compatible: IE=edge
content-length: 1249
cache-control: public, max-age=1680595
expires: Mon, 26 Dec 2022 11:29:20 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209

104.84.152.187

200 OK

48 B

URL HTTP/2
www.huntington.com/-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 10x10, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
48 B (48 bytes)
Hash
6cbb1156f106670a020e38cf19fcc217
1b7325891051a3dc891b704084a7df0f8579c37d
a26c2e015e5e7986a5f83c09da99d9a7ab04c42d650ac2a69d680538e82eb1dd

HTTP Headers

GET /-/media/hcom/BackgroundImages/charcoal-block.png?rev=e2081e239c1446eca50211281c3c5209 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 77183e5a07ca45fcbaf010bf53aff281
last-modified: Fri, 14 Oct 2022 11:49:17 GMT
server: Akamai Image Manager
content-length: 48
content-type: image/webp
cache-control: private, no-transform, max-age=516256
expires: Tue, 13 Dec 2022 00:03:41 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F

104.84.152.187

200 OK

10 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
10 kB (10388 bytes)
Hash
10b43fef9c52b9d14a97c7ca5ce00b13
b3976f1f9a817c80c98040df7f6eafbb1e5396ee
42836d28ddb87bdb39b52eabe6038e5f1541efe542515adddcfb8efb17ea020c

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern3.png?rev=e76241c021b44e92a7f9d3a1409cfb9b&h=292&w=1242&la=en&hash=A8569DEE27F3793E9FE16F5E5F4CE04F HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 4fb20a3a01f5492ca8289996b580052a
last-modified: Thu, 09 Jun 2022 17:50:18 GMT
server: Akamai Image Manager
content-length: 10388
content-type: image/webp
cache-control: private, no-transform, max-age=113149
expires: Thu, 08 Dec 2022 08:05:14 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/chat-fab.js.download

45.133.200.3

200 OK

32 kB

URL HTTP/2
rcu6.com/index_files/chat-fab.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
32 kB (31875 bytes)
Hash
8c9e54edc5918b710eca2c690f65351d
f85bac5a6455369fd9b4201d801899a998963742
ccadd60bab4054d01a106aeb736d963fd7de17d039eeec7d09b789c4b44ab286

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/chat-fab.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern1-flipped.png?rev=335b1807cd914c6a9cfa1bdb1c029612&h=548&w=1258&la=en&hash=87E8C5CF8C9D907A224924701413713D

104.84.152.187

200 OK

16 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern1-flipped.png?rev=335b1807cd914c6a9cfa1bdb1c029612&h=548&w=1258&la=en&hash=87E8C5CF8C9D907A224924701413713D
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
16 kB (15490 bytes)
Hash
951228a305b66576a1ea5e8c0de62b9b
46af907560964bbbe009b2ccad280ea33a743af3
9a752738f5e04abde40c93be70a7b5bcca992d206864ce95f7825bfb7081afd0

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern1-flipped.png?rev=335b1807cd914c6a9cfa1bdb1c029612&h=548&w=1258&la=en&hash=87E8C5CF8C9D907A224924701413713D HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: e29268cf6e3344b5a85a51723c7d981e
last-modified: Thu, 13 Oct 2022 23:11:12 GMT
server: Akamai Image Manager
content-length: 15490
content-type: image/webp
cache-control: private, no-transform, max-age=332237
expires: Sat, 10 Dec 2022 20:56:42 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77

45.133.200.3

200 OK

66 kB

URL HTTP/2
rcu6.com/index_files/eeb40badb221607a1bf7e89412ef77
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
ASCII text, with very long lines (65536), with no line terminators
Size
66 kB (66005 bytes)
Hash
93e3090f4a1ac38fc394a901ba3136b9
17c8b1d598a83d82c125bf701f5ff79ad0d63ffc
8bd5e5729a3fb989a0bcb99fd966df11e1c44198c447712fa4136996e2b28c0a

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/eeb40badb221607a1bf7e89412ef77 HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/nuanceChat.html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 66005
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e

104.84.152.187

200 OK

120 kB

URL HTTP/2
www.huntington.com/-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 982x1270, components 3\012- data
Size
120 kB (119802 bytes)
Hash
5ae74a975c38365d32213c22d43bb7ea
55e76e42524741c38d83f7fdf26b6c892050ab87
ec251060273f77a254fa4766a6a103c02f34ce37f1250b688a86f048c885585c

HTTP Headers

GET /-/media/hcom/home/tab/v-desktop-white-glasses-grn.jpg?rev=313d718a427a45ab98aea611f4fcb99e HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 2206b44971fd446d95c06e37683211a2
last-modified: Wed, 08 Jun 2022 20:16:41 GMT
server: Akamai Image Manager
content-length: 119802
content-type: image/jpeg
cache-control: private, no-transform, max-age=167701
expires: Thu, 08 Dec 2022 23:14:26 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3

104.84.152.187

200 OK

42 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 710x801, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
42 kB (42250 bytes)
Hash
6f05a70c13af36e7fe5e62cfe6fbf57f
39e32f5cfc4132dce53bc536f05e5425a9832ae1
aa0467ff6a034d37cae7552dd7a9ecda5d0e1add6e70fe88f8b123ebd6fc524f

HTTP Headers

GET /-/media/hcom/Redesign/v-desktop-business-woman-standing-grn.jpg?rev=817db1822cf3401c87aa78a03ff4b3d3 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 5cb85c318c894340af50f107ee9f1c66
last-modified: Wed, 08 Jun 2022 19:55:58 GMT
server: Akamai Image Manager
x-serial: 1550
x-check-cacheable: YES
content-length: 42250
content-type: image/webp
cache-control: private, no-transform, max-age=353771
expires: Sun, 11 Dec 2022 02:55:36 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e

104.84.152.187

200 OK

91 kB

URL HTTP/2
www.huntington.com/-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x725, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
91 kB (91194 bytes)
Hash
a2931179dfaf48bba6876efb015b4f3c
7d7d6a94bd8a226cc38ab3c6134edb16b7e9f6ae
7a738c847e87cff5e7e3c8bc690528d4fda210f9f13362f627f6d18e1098bc24

HTTP Headers

GET /-/media/hcom/commercial/homepage/CML-hero-NEW-mobile.jpg?rev=22d08808a1ab4a47b597b976359f054e HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 7cebda52e3374a859172a0af2ce73326
last-modified: Wed, 08 Jun 2022 21:50:12 GMT
server: Akamai Image Manager
x-serial: 149
x-check-cacheable: YES
content-length: 91194
content-type: image/webp
cache-control: private, no-transform, max-age=386641
expires: Sun, 11 Dec 2022 12:03:26 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1

104.84.152.187

200 OK

14 kB

URL HTTP/2
www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (45689), with no line terminators
Size
14 kB (14478 bytes)
Hash
1ee15309bb313a5479cf9d3c90953de2
0e1c797088d6be92035bff7e5495b3a953b5a6b4
a57d97a52e080f530b7c9e39563b957174720ed6c8b57a119321ad4f9b70b7bf

HTTP Headers

GET /Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: application/javascript
etag: "09cbc8223f9d81:0"
last-modified: Tue, 15 Nov 2022 18:53:12 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="129805509"
x-ua-compatible: IE=edge
content-length: 14478
cache-control: public, max-age=1673632
expires: Mon, 26 Dec 2022 09:33:17 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA

45.133.200.3

200 OK

42 B

URL HTTP/2
rcu6.com/index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=COLax8Lq_OgCFcHiGwodQuAFKA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/activityi.html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 42
last-modified: Thu, 23 Apr 2020 00:07:36 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA

45.133.200.3

200 OK

42 B

URL HTTP/2
rcu6.com/index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=CLzUyMLq_OgCFcxIGwod_Z0CmA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/activityi(1).html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 42
last-modified: Thu, 23 Apr 2020 00:07:36 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

rcu6.com/index_files/site_10006663_default.js.download

45.133.200.3

200 OK

9.4 kB

URL HTTP/2
rcu6.com/index_files/site_10006663_default.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
data
Size
9.4 kB (9379 bytes)
Hash
439caa0ee9228ac06780469075b55ea3
c8f9731b7b4b7402cd27c9a7523edb7084015b3d
6c8bc7796772cd7fc579017eeeb25473fad0cf38800b59a2c9e0d7746aaeedf8

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/site_10006663_default.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/nuanceChat.html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA

45.133.200.3

200 OK

42 B

URL HTTP/2
rcu6.com/index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Detections

Analyzer	Verdict	Alert
urlquery	huntington	Phishing - Huntington
openphish	Huntington Bank

HTTP Headers

GET /index_files/dc_pre=CM6-vsLq_OgCFVKRGwod-FIBAA HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/activityi(2).html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 42
last-modified: Thu, 23 Apr 2020 00:07:36 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe

104.84.152.187

200 OK

47 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1440x810, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
47 kB (46614 bytes)
Hash
f46268f2799d168f6a57d30321938f75
7dbb0732e4a0bb2aad4a24274f37867ccff0846e
1214167d2deea4ca58c92c53ce99080170ca94aa5c5d9c226fec34c68370bf49

HTTP Headers

GET /-/media/hcom/Redesign/video-hero/hero-bg-video-garcias.jpg?rev=0af5f97d8911497cb477a860238dfefe HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: c69b1afaa18b4dcd9f9d1422ebfd2153
last-modified: Fri, 11 Nov 2022 21:24:13 GMT
server: Akamai Image Manager
content-length: 46614
content-type: image/webp
cache-control: private, no-transform, max-age=163179
expires: Thu, 08 Dec 2022 21:59:04 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E

104.84.152.187

200 OK

3.6 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.6 kB (3568 bytes)
Hash
56604a7df3f4c9c9b03ec95a8a54b3db
ed50b495fcc27a35158336e37098001191cf4a54
815f38d3f26ce6455ca858ce73abb3bf6192065c09e8c7118eb736ed20e6dbb9

HTTP Headers

GET /-/media/hcom/Redesign/hex-pattern4.png?rev=99c678cf4fae4e75875d664eddd46fc3&h=72&w=1054&la=en&hash=C37D5A31D3EE7679D9A333715887649E HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: 8ac43a653e8f4954b8919fe5d18f2481
last-modified: Thu, 09 Jun 2022 18:21:54 GMT
server: Akamai Image Manager
content-length: 3568
content-type: image/webp
cache-control: private, no-transform, max-age=43200
expires: Wed, 07 Dec 2022 12:39:25 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c

104.84.152.187

200 OK

92 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1400x801, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
92 kB (91480 bytes)
Hash
ce99a1fb536d02f0dcc782ffb8438c0c
25560e8eca53546add5f3369e769b4b0b1d43557
0b5a268c9e87c892162c2771ad7e2e38a7fed8093583f95b29295ea8d582f80c

HTTP Headers

GET /-/media/hcom/Redesign/v-desktop-privatebank-man-on-chair.jpg?rev=06f9d4fed776478797de6eba39488e9c HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: efd57170b2f44cc3b266f06b8d9243c7
last-modified: Thu, 09 Jun 2022 17:54:43 GMT
server: Akamai Image Manager
content-length: 91480
content-type: image/webp
cache-control: private, no-transform, max-age=313857
expires: Sat, 10 Dec 2022 15:50:22 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95

104.84.152.187

200 OK

980 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2132), with CRLF line terminators
Size
980 B (980 bytes)
Hash
b458b2b05ca5d4504443dc1acd27e1b3
28840cccc8d7a75ea11f681fe0c692aea1f4eb5d
1d0cb599a83bda7ac4da5d34139d74016fac29366d04abfeb28d74b609860c76

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_check.svg?rev=329190a3c28b47f1bf946311a98c5f95 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 7d2f6b352081426d90293ee580660924
last-modified: Wed, 05 Jun 2019 17:55:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_check.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtRpid;desc="1638360597"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2374894
expires: Tue, 03 Jan 2023 12:20:59 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 980
X-Firefox-Spdy: h2

rcu6.com/index_files/site-survey.min.js.download

45.133.200.3

200 OK

3.5 kB

URL HTTP/2
rcu6.com/index_files/site-survey.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 text, with very long lines (7496), with CRLF, LF line terminators
Size
3.5 kB (3506 bytes)
Hash
8747d0a2cc580a926112ecc2b118ad81
206188f5ae1d2e6ae00d7d67b0126f66321cdd1a
7a73e471dafcfa85ff31d4ad2730efc23deb45947f66ca6fe5088a981523af09

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/site-survey.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c399621c90e70d828515cf96697062a
46ee4376019c5fa09dfa58f36d186d4110090249
aafb03cbdf63f19ff5750b8f91b5224d4a6658dd967dfe1c7ad83d71b415477b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=95977
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:25 GMT
Etag: "638eb4a6-1d7"
Expires: Thu, 08 Dec 2022 03:19:02 GMT
Last-Modified: Tue, 06 Dec 2022 03:19:02 GMT
Server: nginx
Content-Length: 471

www.huntington.com/-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9

104.84.152.187

200 OK

1.4 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2831), with CRLF line terminators
Size
1.4 kB (1387 bytes)
Hash
530a243cc209cd8afce6d3a197c5bd17
e5a7c57ce240c2ac73e936359600a30ae62fd58a
8c46775a644575089db972ec9730ca8107c1f5c22f34b2dfaeb0764f59fcc767

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_money-green.svg?rev=10b98fbda07945aeaada0a77aabdb0e9 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: image/svg+xml
etag: bcda849763ff48be83f5925ec46aa828
last-modified: Wed, 05 Jun 2019 17:57:06 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_money-green.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-1190375871"
x-ua-compatible: IE=edge
content-length: 1387
cache-control: public, max-age=1734897
expires: Tue, 27 Dec 2022 02:34:22 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2

rcu6.com/index_files/outdated.min.js.download

45.133.200.3

200 OK

113 kB

URL HTTP/2
rcu6.com/index_files/outdated.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type
Unicode text, UTF-8 text, with very long lines (64409)
Size
113 kB (113199 bytes)
Hash
76858bc55989f76350f3e4c10e1e486c
1624a740852cd185743393d055e44b545c90a702
a849aac467c3fc1faed10eb007b7d1176c251d0d0716d21a4c92d237b88b8cd0

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/outdated.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf

104.84.152.187

200 OK

1.2 kB

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (2280), with CRLF line terminators
Size
1.2 kB (1175 bytes)
Hash
fdb0d7da9f5dc5e4542c13cdbcf47ed6
070fa7b80f5b3bdc7488310cd2bfe488723ebbb4
a68268f938c5db2376f145fb4bca2598f5933edc3f0a891a376df9870f49e1d2

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_hand.svg?rev=50addca3f66b427f9326d961ca6063cf HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: 4e8db6ed00a645e18ee39fe6b51a08be
last-modified: Wed, 05 Jun 2019 17:56:14 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_hand.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="1383447103"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2591991
expires: Fri, 06 Jan 2023 00:39:16 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 1175
X-Firefox-Spdy: h2

www.huntington.com/-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2

104.84.152.187

200 OK

993 B

URL HTTP/2
www.huntington.com/-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (1811), with CRLF line terminators
Size
993 B (993 bytes)
Hash
cac6c8de29569656e3d94fa40e6dea0c
deb5ec56b0c824f8c1e4c24e4c5af4ddb4b80fde
b064f32f5470e9dd978f554b692b13a158f8ba3d39d18937b523e8b09d226877

HTTP Headers

GET /-/media/hcom/Redesign/Icons/icon_people-green.svg?rev=d327b741cc9044fe883ff5f535d3e1c2 HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/svg+xml
etag: dcfd27c09cc34b5e842ea415ae9880e6
last-modified: Wed, 05 Jun 2019 17:59:00 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-disposition: inline; filename="icon_people-green.svg"
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: no-referrer-when-downgrade
server-timing: dtSInfo;desc="0", dtRpid;desc="-73317972"
x-ua-compatible: IE=edge
vary: Accept-Encoding
content-encoding: gzip
cache-control: public, max-age=2521326
expires: Thu, 05 Jan 2023 05:01:31 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 993
X-Firefox-Spdy: h2

ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException

63.34.68.24

204 No Content

0 B

URL HTTP/2
ensighten.huntingtonbank.com/error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException
IP
63.34.68.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /error/e.gif?msg=Dependency%20with%20id%20679729is%20missing&lnn=7&fn=https%3A%2F%2Frcu6.com%2Findex_files%2FBootstrap.js.download&cid=1035&client=huntington&publishPath=com&rid=-1&did=-1&errorName=DependencyNotAvailableException HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
cache-control: no-cache, no-store
x-cache: Hit from cloudfront
via: 1.1 ed03f18c47649fd55292e71a1aea7064.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB2-C1
x-amz-cf-id: 3y4_TA2NYn9Ur6kNTasYEEECJ15OW3I6ofUqesG7Yq0rcWpeUpaLlA==
age: 75756
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=DC-10701487

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=DC-10701487
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (44137 bytes)
Hash
22a519e80498b3fd762ef85b24e7f901
6662b2dcd3eaa66691b05b2b3526f4cfc542d103
d11e653a1966a792458cebe18d8a6f0fd91f40b3b98ea9e6ddd6f0d981812d8a

HTTP Headers

GET /gtag/js?id=DC-10701487 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 00:39:25 GMT
expires: Wed, 07 Dec 2022 00:39:25 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774

63.34.68.24

200 OK

39 kB

URL HTTP/2
ensighten.huntingtonbank.com/huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774
IP
63.34.68.24:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (557)
Size
39 kB (39202 bytes)
Hash
e615fbb0a531dfa8f90492e3b2c587c9
5a87f6d024219eb2373fb79395c01682773a1fb2
fa53857a7edd375f066fd7ebdabd1eb0c9c086a53bdca1d65287cc554562f6ea

HTTP Headers

GET /huntington/com/code/e4e4515980f369e0500408adfa565653.js?conditionId0=422774 HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 25 Oct 2022 01:03:34 GMT
etag: W/"5828bc2a2ceaa2961527eedaf4167b77"
x-amz-server-side-encryption: AES256
cache-control: max-age=315360000
x-amz-version-id: _Eu9yh546j8gLFYRdH7PZW2b19GSVtw7
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 868d57626c2e63837bea7fc94e09436e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB2-C1
x-amz-cf-id: FKrcORRRTz42bTcpzxdGSB5l1D-1LZqzJ2jobocFSK4OzcBCK73__g==
age: 3713722
X-Firefox-Spdy: h2

huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js

52.177.241.160

200 OK

2.7 kB

URL HTTP/2
huntingtonbank.inq.com/tagserver/js/ads-blocking-detector.js
IP
52.177.241.160:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
data
Size
2.7 kB (2676 bytes)
Hash
3d60d8ec89344bc39344e283ea0cd077
42a09d528868233b642542ff3274b4f64fbea1d7
ae26428820ed3919389cd9010de87dd001014826ab636fa897e528132034fd3a

HTTP Headers

GET /tagserver/js/ads-blocking-detector.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: application/javascript
cache-control: max-age=3600
p3p: policyref="http://huntingtonbank.inq.com/w3c/p3p.xml", CP="NON DSP LAW CUR ADMi TAIi PSAi PSD TELi OUR SAMi IND PHY DEM ONL STA NAV UNI LOC COM CNT"
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
etag: W/"7630-1668744896000"
last-modified: Fri, 18 Nov 2022 04:14:56 GMT
vary: accept-encoding
content-encoding: gzip
server: Nuance Server
X-Firefox-Spdy: h2

www.huntington.com/Presentation/images/favicon-16x16.png

104.84.152.187

200 OK

322 B

URL HTTP/2
www.huntington.com/Presentation/images/favicon-16x16.png
IP
104.84.152.187:0
ASN
#20940 Akamai International B.V.

File type
RIFF (little-endian) data, Web/P image\012- data
Size
322 B (322 bytes)
Hash
55f45d358206ca31c4759defeea3be62
04c605b51629b94085bc2bd054b4e6c6989b2ffb
1c8581c1cc0ae1972eaf6022b377d3cb4c343f9c14d441376b1c546996685f51

HTTP Headers

GET /Presentation/images/favicon-16x16.png HTTP/1.1
Host: www.huntington.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
etag: "0d42de2dc28d81:0"
last-modified: Wed, 08 Jun 2022 21:36:06 GMT
server: Akamai Image Manager
content-length: 322
content-type: image/webp
cache-control: private, no-transform, max-age=199523
expires: Fri, 09 Dec 2022 08:04:48 GMT
date: Wed, 07 Dec 2022 00:39:25 GMT
X-Firefox-Spdy: h2

f1.media.brightcove.com/8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001

151.101.130.27

200 OK

51 kB

URL HTTP/2
f1.media.brightcove.com/8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001
IP
151.101.130.27:0
ASN
#54113 FASTLY

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size
51 kB (51192 bytes)
Hash
4cc0c7dca6a70b838f366f14bbf0e7af
145e954f96c3bc3f7cf9fe5f4bfdaa55e0a698a1
3ac85f38c5f9ae299a2dcbe4cac1af9f50baee5c25b2a392ff3136f299e2eb61

HTTP Headers

GET /8/1317241590001/1317241590001_6040303493001_6040298859001-vs.jpg?pubId=1317241590001&videoId=6040298859001 HTTP/1.1
Host: f1.media.brightcove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/jpeg
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
etag: "4cc0c7dca6a70b838f366f14bbf0e7af"
expires: Tue, 08 Nov 2022 16:37:09 GMT
last-modified: Thu, 23 May 2019 15:36:19 GMT
via: 1.1 72b77c557ac4c265c32d99bdef4e9d6a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-amz-cf-pop: IAD79-C3
x-amz-cf-id: qZydNnsGvqidKCtYzgMhSfDcUgLBlDLsk_Gn4shnzWqZkPbUjjlRRw==
cache-control: max-age=0
accept-ranges: bytes
date: Wed, 07 Dec 2022 00:39:25 GMT
age: 3052936
x-served-by: cache-iad-kiad7000060-IAD, cache-bma1665-BMA
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 152, 1
x-timer: S1670373566.896891,VS0,VE1
content-length: 51192
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

4.6 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (12961)
Size
4.6 kB (4581 bytes)
Hash
c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=57621
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2

huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js

52.177.241.160

200 OK

2.0 kB

URL HTTP/2
huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
IP
52.177.241.160:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (1021)
Size
2.0 kB (1974 bytes)
Hash
6bb8153783efa9d79386ef1fd0b5d20a
b7b6f3bc8f05161166c883cedfba33d119761430
558588effb92606a76ebe3b5f006052f7021b461715225a613452546ab7e9995

HTTP Headers

GET /chatskins/launch/inqChatLaunch10006663.js HTTP/1.1
Host: huntingtonbank.inq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: application/javascript
content-length: 1974
server: TouchCommerce Server
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
cache-control: no-cache
samesite: Strict
etag: "7LnUGa92njb"
last-modified: Thu, 01 Dec 2022 06:36:04 GMT
accept-ranges: bytes
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1958
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Last-Modified: Wed, 07 Dec 2022 00:06:48 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Wed, 07 Dec 2022 01:50:24 GMT
Date: Wed, 07 Dec 2022 00:39:26 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
82dc811a8b106183fe1a3c92caca7a67
6f91d328a356a18d85a192a057f8bb0f12bd310d
618addad95581f04d48245ca12062d5b959e236b7fbf12d4966471abb4b1e834

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Wed, 07 Dec 2022 01:50:24 GMT
Date: Wed, 07 Dec 2022 00:39:26 GMT
Connection: keep-alive

px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=https%3A%2F%2Frcu6.com%2Femail-account.php&time=1670373563769

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&url=https%3A%2F%2Frcu6.com%2Femail-account.php&time=1670373563769
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=&url=https%3A%2F%2Frcu6.com%2Femail-account.php&time=1670373563769 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&ec5d6643-7742-4283-809e-33d3a8aaafaf"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 07-Dec-2023 00:39:25 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2390:u=1:x=1:i=1670373565:t=1670459965:v=2:sig=AQHnVFc3bHLnzhSizC-AHmiIAi1HVaZ7"; Expires=Thu, 08 Dec 2022 00:39:25 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXvMicKkiBfid8dLZHvYA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0DA7B6AB3CC24643B3EF49A61B739A2B Ref B: OSL30EDGE0210 Ref C: 2022-12-07T00:39:25Z
date: Wed, 07 Dec 2022 00:39:25 GMT
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4258
Expires: Wed, 07 Dec 2022 01:50:24 GMT
Date: Wed, 07 Dec 2022 00:39:26 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg

34.120.237.76

200 OK

3.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.2 kB (3175 bytes)
Hash
cefc5a863db79a7a8acd7366322ea34d
ec084f21bd0bcf5c101366e5732421835b3230d3
ee5a022da888181060a9d4ac8ab18fb8e35143b5f046f905d38553b9552f0bbb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe44b6ac-66fe-4013-a696-460f9692e93e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3175
x-amzn-requestid: 3b5ffd5c-a8a5-40d8-b370-c13b0da5f543
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csXJEF0hIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6bd3-40d73fc5702a607c4ef71574;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 22:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ltw2ovrQ4bRR1LL2qVEls_GK9w7PmSjA44rasHU5PfqroV2-WRWx_w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 17:22:47 GMT
age: 26199
etag: "ec084f21bd0bcf5c101366e5732421835b3230d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6186 bytes)
Hash
535710165275856757bd7d1689f79de3
d51162b7fcba50022482b7130a556f3a7dfe822f
c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4ORpzqbzQyJz_i3wpxf_07mXK3ovj1JT8kn-M9fdrGRgDVig7hhN5w==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 12:25:50 GMT
age: 44016
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

157.240.200.14

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
157.240.200.14:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: dkrO30KdQISkaKJAdD+jHViyEgt/YbWnz8HepyLqeUhOUtz7TCh7xNUV4ia+pcrcKtXCRyroaHxKHg+PRxvptA==
content-length: 27340
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 00:39:26 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303?

142.250.74.166

302 Found

0 B

URL HTTP/2
fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303?
IP
142.250.74.166:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /activityi;src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303? HTTP/1.1
Host: fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 00:54:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14896 bytes)
Hash
4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gKrU6wAuRsrr4_VwxjHIsTHjAB_L3xy6VQPRFBTUrK4vd7ycP3kyig==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:46:26 GMT
age: 60780
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6846 bytes)
Hash
a7ee62c5e846e8ad4808f4724f15146d
6d55b299f906908309f91eaf0a720ad65866db04
0d8f51d6f7f3bad4bb9d9c3000999739147f6dd718b290b0dca71a4cba85cb38

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80a12c85-454b-4e03-bf75-3fa8228659c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6846
x-amzn-requestid: 53452103-6559-460c-ac40-4685e6816aa4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGx4E-mIAMFatg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a5-5327ec9a2f247cc91654df80;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Znjnq24wuXoi43Bfc9aPdcUHhMh-a00hSCXUHFpHq3sTtQQoUYe6Uw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:29:49 GMT
age: 61777
etag: "6d55b299f906908309f91eaf0a720ad65866db04"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10362 bytes)
Hash
550ee57c325ce8d4892400deb24141d3
acece1761a7d4d3926500726c19d528bb204ef4c
7cc68e966362916947e7d6e24d3c001c64298fec2438a97538765d801fa7c92c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd933687b-86e0-407a-9bff-2debb09d5167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10362
x-amzn-requestid: 7fdd2011-e283-467e-9f04-741946a834ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpl_1EsooAMFhvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5065-0cddad1919d984065bd0b03e;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 01:59:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WtZWFmfVSXYRQlYwpBxj8JG_WC91ik_p68HjX7-wCfYb0624CvcBSA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:58:02 GMT
age: 71600
etag: "acece1761a7d4d3926500726c19d528bb204ef4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5704 bytes)
Hash
2d237b386960b3fbbcfdde0d2f0179ca
46c6733ae3f0c01f1ec1f71790d71cac9797fcd2
4a86ff99f57d9dea3d7f2f22a02f54f3e9bfbdfca07722d1a7c3d25a1dc5160c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffedaa717-23e2-407d-9833-52d537b9b6c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5704
x-amzn-requestid: 7b87f011-2d7b-41fc-9897-358e5d1a3e5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cc4a2FrvIAMF5tw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63883aab-32ed5f3631606c622938642e;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 05:24:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TdQ61Y7uA27y4OllBFy0cyFxVJ6oD-dOJxL_B2rpmsz0xvN-VD9FhQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:56:55 GMT
age: 9751
etag: "46c6733ae3f0c01f1ec1f71790d71cac9797fcd2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d44205a852cedc47da2373b3542f2ca0
884e5d2d7ef372a86e7edc3f8c1dc63a3b4fbe82
f2adb5b3e4b05ad953d43f483497243ae66c148f2af8f39473ddc6fcf2623bb9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4866
Cache-Control: max-age=135054
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Etag: "638f3a4a-1d7"
Expires: Thu, 08 Dec 2022 14:10:20 GMT
Last-Modified: Tue, 06 Dec 2022 12:49:14 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token

54.230.111.8

200 OK

0 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /partner/291554/domain/rcu6.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rcu6.com/
Origin: https://rcu6.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 0
date: Tue, 06 Dec 2022 05:38:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6EFqwHdLvTWAmjgFpsVAtg3zH0sZ2F9zhp06NdrufTzf0r7CRqMxzw==
age: 68452
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
82dc811a8b106183fe1a3c92caca7a67
6f91d328a356a18d85a192a057f8bb0f12bd310d
618addad95581f04d48245ca12062d5b959e236b7fbf12d4966471abb4b1e834

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303?

142.250.74.70

200 OK

186 B

URL HTTP/2
2782440.fls.doubleclick.net/activityi;src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (399), with no line terminators
Size
186 B (186 bytes)
Hash
eb4621e190c075c9641e5f818dea7e36
16094c967f2d86a46c65d32f799a5bb5845baba2
b6501d3ca4806258376690e00da7c1460e3d670209a2757445ad9d8fa991f641

HTTP Headers

GET /activityi;src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303? HTTP/1.1
Host: 2782440.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rcu6.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 186
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 00:54:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
81a7e0ed8b45460991a7d9b719423d48
fa4824b64d5484b955cecebbeea06710ced4fba5
2fb356139722003d5c83566b936968a5ce9ba3756f69ace50a53bea6c1b9f7eb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670373565860&cv=11&fst=1670373565860&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.130

200 OK

930 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849073348/?random=1670373565860&cv=11&fst=1670373565860&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2031), with no line terminators
Size
930 B (930 bytes)
Hash
fd369f8287c1786ba3decf9dd1d71016
d8d90c7d3ca18533314bac07fbc63f734bcac605
8ff790c2de4245c9219652d879216326f1d261e03ceaee83fd002da1b496d8e6

HTTP Headers

GET /pagead/viewthroughconversion/849073348/?random=1670373565860&cv=11&fst=1670373565860&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 930
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 00:54:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token

54.230.111.8

200 OK

992 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/291554/domain/rcu6.com/token
IP
54.230.111.8:0
ASN
#16509 AMAZON-02

File type
data
Size
992 B (992 bytes)
Hash
659cc9ff6cb2bc1195db0166d7f81952
cc1e7f36827115bced244512e2a51be5c91a3c8e
6c8c7388eae06a7e49f7310994276547e150df5329d7a1388ec21553e00d5dbe

HTTP Headers

GET /partner/291554/domain/rcu6.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://rcu6.com
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
date: Wed, 07 Dec 2022 00:14:59 GMT
access-control-allow-origin: *
cache-control: public, max-age=29918
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UE-7Z30dHDDKOI8NsX6k2w-j9laqhBfaP_Orm6c4QjbiX8Vy5p4mtg==
age: 1467
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670373565905&cv=11&fst=1670373565905&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.130

200 OK

931 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/391028924/?random=1670373565905&cv=11&fst=1670373565905&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2029), with no line terminators
Size
931 B (931 bytes)
Hash
c9fe0e696448f74f95071684c3e57ad9
f5bea7fe5f93b50445cf579d4d77d82e9d9cad68
870b2eb8b445f49ec94bbeb905991e7f626aed6f03ef62bf602fec131b8f28c0

HTTP Headers

GET /pagead/viewthroughconversion/391028924/?random=1670373565905&cv=11&fst=1670373565905&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 931
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 00:54:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670373565883&cv=11&fst=1670373565883&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4

142.250.74.130

200 OK

930 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/849063932/?random=1670373565883&cv=11&fst=1670373565883&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2031), with no line terminators
Size
930 B (930 bytes)
Hash
39e05184e45c924817b2332835a6dd21
a2560635757ce69e08536e67edfbc932658e703c
556e45e3ae2e637d5f3a8ca62e9c8dcbc1d13423849b7d8889373e133e2823e8

HTTP Headers

GET /pagead/viewthroughconversion/849063932/?random=1670373565883&cv=11&fst=1670373565883&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&auid=995882812.1670373566&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 930
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 07-Dec-2022 00:54:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd6dabd083ee1c237c8ea3ba38cc48d5
bbe4420bf1c0fe0d5621336865563418d2f16f39
c9314cdac13bc2ea94505f473538ab4d5c0a940dfbc2f5447e6f22a5af580572

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d9339bfb0393ef6575db48a0481f2556
351fa573fc3ea6626f3258061743cad65e0c4fce
5890254c4fac81ab169d788b9e5f9100f36e1ea2a2a6fe9036c45122aff062b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303;~oref=https://rcu6.com/

216.58.211.2

200 OK

187 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303;~oref=https://rcu6.com/
IP
216.58.211.2:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (398), with no line terminators
Size
187 B (187 bytes)
Hash
ad89faed5686ce99c5edd528ef4fe0ea
d7b593cfa564f9cfe9f090e6865c6f7ce6b4b814
efcac03cadb910296c77eb816bd85582258c154bb637d1916f0231319c2ecb92

HTTP Headers

GET /ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303;~oref=https://rcu6.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2782440.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2000%3A39%3A25%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Frcu6.com%2Femail-account.php&enc=UTF-8

212.82.100.181

200 OK

0 B

URL HTTP/2
sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2000%3A39%3A25%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Frcu6.com%2Femail-account.php&enc=UTF-8
IP
212.82.100.181:0
ASN
#34010 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sp.pl?a=10000&d=Wed%2C%2007%20Dec%202022%2000%3A39%3A25%20GMT&n=0&b=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&.yp=10030245&f=https%3A%2F%2Frcu6.com%2Femail-account.php&enc=UTF-8 HTTP/1.1
Host: sp.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 00:39:26 GMT
expires: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
cache-control: no-cache, private, must-revalidate
content-type: application/x-javascript
accept-ranges: bytes
content-length: 0
server: ATS
age: 0
strict-transport-security: max-age=31536000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
set-cookie: A3=d=AQABBL7gj2MCEOloZ-gmIKyRMY0z0h0D-CsFEgEBAQEykWOZYwAAAAAA_eMAAA&S=AQAAAgZN-Y-xgqUhx5mnbuzvOxM; Expires=Thu, 7 Dec 2023 06:39:26 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849063932/?random=1670373565883&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4183572806&rmt_tld=0&ipr=y

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849063932/?random=1670373565883&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4183572806&rmt_tld=0&ipr=y
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1670373565883&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4183572806&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/849073348/?random=1670373565860&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2602193056&rmt_tld=0&ipr=y

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/849073348/?random=1670373565860&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2602193056&rmt_tld=0&ipr=y
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1670373565860&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2602193056&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/786635084/?random=1670373565834&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2080411212&rmt_tld=0&ipr=y

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/786635084/?random=1670373565834&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2080411212&rmt_tld=0&ipr=y
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1670373565834&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2080411212&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/pagead/1p-user-list/391028924/?random=1670373565905&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=287414819&rmt_tld=0&ipr=y

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/391028924/?random=1670373565905&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=287414819&rmt_tld=0&ipr=y
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1670373565905&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=287414819&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/849073348/?random=1670373565860&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2602193056&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849073348/?random=1670373565860&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2602193056&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849073348/?random=1670373565860&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2602193056&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/786635084/?random=1670373565834&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2080411212&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/786635084/?random=1670373565834&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2080411212&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/786635084/?random=1670373565834&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2080411212&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/391028924/?random=1670373565905&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=287414819&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/391028924/?random=1670373565905&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=287414819&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/391028924/?random=1670373565905&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=287414819&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/849063932/?random=1670373565883&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4183572806&rmt_tld=1&ipr=y

142.250.74.131

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/849063932/?random=1670373565883&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4183572806&rmt_tld=1&ipr=y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/849063932/?random=1670373565883&cv=11&fst=1670371200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Frcu6.com%2Femail-account.php&tiba=Online%20Banking%2C%20Insurance%2C%20Investing%2C%20Loans%20%26%20Credit%20Cards%20%7C%20Huntington%20Bank&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4183572806&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
013b65c5b52bb7855158194ff2024fb8
94eae308d8338735898e90536fc6ba076ff28cdd
bb5ab17efd81056c5f0ab03312011b63acb099c0e249364464391af52428098e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 00:39:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.no/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303;~oref=https://rcu6.com/

142.250.74.34

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303;~oref=https://rcu6.com/
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=2782440;type=brand313;cat=hunti038;ord=9754760513306.303;~oref=https://rcu6.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 00:39:26 GMT
expires: Wed, 07 Dec 2022 00:39:26 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Frcu6.com%2Femail-account.php&rl=&if=false&ts=1670373566391&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670373566389.1739564742&it=1670373565960&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=1b9d0647-9de1-4d52-9158-cc3d0abae1d0&exp=b2&rqm=GET

157.240.200.35

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Frcu6.com%2Femail-account.php&rl=&if=false&ts=1670373566391&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670373566389.1739564742&it=1670373565960&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=1b9d0647-9de1-4d52-9158-cc3d0abae1d0&exp=b2&rqm=GET
IP
157.240.200.35:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /tr/?id=5140493269326436&ev=PageView&dl=https%3A%2F%2Frcu6.com%2Femail-account.php&rl=&if=false&ts=1670373566391&sw=1280&sh=1024&v=2.9.89&r=stable&a=tmensighten&ec=0&o=29&fbp=fb.1.1670373566389.1739564742&it=1670373565960&coo=false&dpo=LDU&dpoco=0&dpost=0&eid=1b9d0647-9de1-4d52-9158-cc3d0abae1d0&exp=b2&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 07 Dec 2022 00:39:26 GMT
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9ee6f6f7d7460ddc51c7b98ca5e144e2
007f1069375b9a06a08258d1d910107d975ec254
0b9b7381999d15cff7e54121cd87a22c6bbd795709a954590287fe0546e7a944

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B9B7381999D15CFF7E54121CD87A22C6BBD795709A954590287FE0546E7A944"
Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19857
Expires: Wed, 07 Dec 2022 06:10:25 GMT
Date: Wed, 07 Dec 2022 00:39:28 GMT
Connection: keep-alive

mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-11%24S58JT91Q1G6C38416VJKDMCFETULSUM9;dtLatC=270;referer=https%3A%2F%2Frcu6.com%2Femail-account.php;visitID=UDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO;app=0bd76d7cc9264013;end=1

100.24.162.178

200 OK

28 B

URL HTTP/1.1
mef957.dynatrace-managed.com/bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-11%24S58JT91Q1G6C38416VJKDMCFETULSUM9;dtLatC=270;referer=https%3A%2F%2Frcu6.com%2Femail-account.php;visitID=UDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO;app=0bd76d7cc9264013;end=1
IP
100.24.162.178:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with no line terminators
Size
28 B (28 bytes)
Hash
b3b616cdccc63672fb7dfb1c9cf17b94
209c6645bf2bfc5aa3114d56846f37b51f018728
1280314b5bc8ff4f42b0ae1b45c42bceeddce7f4a09a13e24aa7f316dd4ae028

HTTP Headers

POST /bf/55ab56e3-f58b-45f8-a01d-56e2db48866f?dtCookie=-11%24S58JT91Q1G6C38416VJKDMCFETULSUM9;dtLatC=270;referer=https%3A%2F%2Frcu6.com%2Femail-account.php;visitID=UDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO;app=0bd76d7cc9264013;end=1 HTTP/1.1
Host: mef957.dynatrace-managed.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1309
Origin: https://rcu6.com
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 00:39:28 GMT
Content-Type: text/plain;charset=utf-8
Cache-Control: no-cache
Content-Length: 28

ocsp.godaddy.com/

192.124.249.24

200 OK

1.8 kB

URL HTTP/1.1
ocsp.godaddy.com/
IP
192.124.249.24:0
ASN
#30148 SUCURI-SEC

File type
data
Size
1.8 kB (1777 bytes)
Hash
86476fbd753267ea2ee3851675410160
977e0b791ee980544ba9ec54b572d7fa845ed620
a38bdc3f0d807964940714cfd06d8b98e83256f8fa0418409c3fee0493fe4797

HTTP Headers

POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 07 Dec 2022 00:39:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 06 Dec 2022 20:06:23 GMT
Expires: Wed, 07 Dec 2022 20:06:23 GMT
ETag: "977e0b791ee980544ba9ec54b572d7fa845ed620"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670373568674

52.6.162.203

302 Found

0 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670373568674
IP
52.6.162.203:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670373568674 HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
date: Wed, 07 Dec 2022 00:39:29 GMT
content-length: 0
location: https://trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670373568674&try2=true
server: clinch
set-cookie: clinch-sid=0de7e944-272f-4336-90be-515894a09097; expires=Sat, 07 Dec 2024 00:39:29 GMT; domain=clinch.co; path=/; secure; samesite=none
X-Firefox-Spdy: h2

trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670373568674&try2=true

52.6.162.203

200 OK

79 B

URL HTTP/2
trk.clinch.co/trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670373568674&try2=true
IP
52.6.162.203:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
79 B (79 bytes)
Hash
70c92fdbfdaad0989a68617939cf615c
4cc7e0778377d6e89b665e1741c798b9df21693a
3a2f25076dd3c45cd69196f5c15d3ae2678b208bc5f8ac053d54d4a1fb792006

HTTP Headers

GET /trk?cid=ojfb3O&dsid=wifbQOP&type=pageView&product=ecommerce&referrer=https%3A%2F%2Frcu6.com%2Femail-account.php&version=3.4&a=1670373568674&try2=true HTTP/1.1
Host: trk.clinch.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rcu6.com/
Connection: keep-alive
Cookie: clinch-sid=0de7e944-272f-4336-90be-515894a09097
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 00:39:29 GMT
content-type: text/html
content-length: 79
server: clinch
cache-control: no-store
x-robots-tag: none
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Firefox-Spdy: h2

rcu6.com/index_files/ads-blocking-detector.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/ads-blocking-detector.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ads-blocking-detector.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/nuanceChat.html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ruxitagentjs_ICA27SVfjoqrux_10183200114120852.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/nuanceChat.html

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/nuanceChat.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/nuanceChat.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/serverComponent.php

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/serverComponent.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/serverComponent.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: HIT
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/index.min.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/index.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/index.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/activityi.html

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/activityi.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/tcFramework.min.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/tcFramework.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/tcFramework.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/nuanceChat.html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/bat.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/bat.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/bat.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/lockup.svg

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/lockup.svg
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/lockup.svg HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Sun, 05 Feb 2023 00:39:23 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/site-survey.min.css

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/site-survey.min.css
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/site-survey.min.css HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
expires: Fri, 06 Jan 2023 00:39:23 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/jquery-3.4.1.min.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/jquery-3.4.1.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/jquery-3.4.1.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/email-account.php

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/email-account.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /email-account.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/activityi(1).html

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/activityi(1).html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi(1).html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/postToServer.min.html

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/postToServer.min.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/postToServer.min.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/index_files/nuanceChat.html
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364543|1670373564113; dtSa=-; dtLatC=270; loginCookie=personalLogin
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/f.txt

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/f.txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f.txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: text/plain
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:36 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/insight.min.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/insight.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/insight.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/activityi(2).html

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/activityi(2).html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/activityi(2).html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/oo_engine.min.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/oo_engine.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/oo_engine.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/serverComponent.php

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/serverComponent.php
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/serverComponent.php HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/toolkit.min.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/toolkit.min.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/toolkit.min.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/Bootstrap.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/Bootstrap.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/Bootstrap.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/ytc.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/ytc.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/ytc.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/toolkit.min.css

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/toolkit.min.css
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/toolkit.min.css HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
expires: Fri, 06 Jan 2023 00:39:23 GMT
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/f(1).txt

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/f(1).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(1).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/plain
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/inqChatLaunch10006663.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/inqChatLaunch10006663.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/inqChatLaunch10006663.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/f(2).txt

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/f(2).txt
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/f(2).txt HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/plain
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:40 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=8.31966788978267&ClientID=1035&PageID=https%3A%2F%2Frcu6.com%2Femail-account.php

63.34.68.24

200 OK

0 B

URL HTTP/2
ensighten.huntingtonbank.com/huntington/com/serverComponent.php?r=8.31966788978267&ClientID=1035&PageID=https%3A%2F%2Frcu6.com%2Femail-account.php
IP
63.34.68.24:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /huntington/com/serverComponent.php?r=8.31966788978267&ClientID=1035&PageID=https%3A%2F%2Frcu6.com%2Femail-account.php HTTP/1.1
Host: ensighten.huntingtonbank.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:25 GMT
content-type: text/javascript
vary: Accept-Encoding
expires: Wed, 07 Dec 2022 00:39:24 GMT
cache-control: no-cache, no-store
x-cache: Miss from cloudfront
via: 1.1 a69a77599a4d18f525519907a15548e2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB2-C1
x-amz-cf-id: -sW9WkqD9xznP9wjPoT6TiIzlmcQR_xhAr3pHc6jlcmEK9CRQ5tvMQ==
content-encoding: gzip
X-Firefox-Spdy: h2

s.yimg.com/wi/ytc.js

87.248.119.251

200 OK

0 B

URL HTTP/2
s.yimg.com/wi/ytc.js
IP
87.248.119.251:0
ASN
#203220 Yahoo! UK Services Limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wi/ytc.js HTTP/1.1
Host: s.yimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: oPiSDk1V4JVSl4jnOnIl/NEMSW5le0apLphIV2IU5IBm1t3sbmNDU2Wrdcv7bUyv1vmVYvJwzCg7XlDV7yvejA==
x-amz-request-id: PQ31NRYP5KK9ZJPX
date: Wed, 07 Dec 2022 00:39:22 GMT
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
etag: "6a624022b5d271dcefb070b0b6670abc-df"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=3600
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
accept-ranges: bytes
content-type: application/javascript
server: ATS
referrer-policy: no-referrer-when-downgrade
vary: Origin, Accept-Encoding
age: 4
content-encoding: gzip
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2

rcu6.com/index_files/fbevents.js.download

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/fbevents.js.download
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/fbevents.js.download HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:38 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

rcu6.com/index_files/dest5.html

45.133.200.3

200 OK

0 B

URL HTTP/2
rcu6.com/index_files/dest5.html
IP
45.133.200.3:0
ASN
#200313 WEB_GroupInternet INC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Huntington Bank

HTTP Headers

GET /index_files/dest5.html HTTP/1.1
Host: rcu6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rcu6.com/email-account.php
Cookie: dtCookie=-11$S58JT91Q1G6C38416VJKDMCFETULSUM9; rxVisitor=1670373564110I4I49RN9QNJ5LVJ1815IHBCK2BNAC9O1; dtPC=-11$573564096_238h1vUDPSZOCWHLHKBJCGGXVQJTPPMYWSWXWO; rxvt=1670375364121|1670373564113; dtSa=-; dtLatC=270
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 00:39:24 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Thu, 23 Apr 2020 00:07:42 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations