ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
23.94.5.213  Malicious Activity! Public Scan

Submitted URL: http://prestigeinhornecare.com/log/degkijzvponhtxq/dlektbv/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab?email=%3Cspan%20st...
Effective URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%2...
Submission: On June 14 via manual from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 24 HTTP transactions. The main IP is 23.94.5.213, located in United States and belongs to AS-COLOCROSSING, US. The main domain is ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org.
This is the only time ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 192.3.251.32 36352 (AS-COLOCR...)
1 23.94.5.213 36352 (AS-COLOCR...)
17 2.16.186.139 20940 (AKAMAI-ASN1)
5 2.16.186.147 20940 (AKAMAI-ASN1)
1 52.189.67.17 8075 (MICROSOFT...)
24 4
Domain | Requested by
17 onlinebanking.huntington.com | ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org, onlinebanking.huntington.com
5 www.huntington.com | ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org, www.huntington.com
1 huntingtonbank.inq.com | www.huntington.com
1 ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org |
1 prestigeinhornecare.com | 1 redirects
24 5

This site contains links to these domains.

Domain
www.huntington.com
selfservice.huntington.com

Subject | Issuer | Validity | Valid
huntington.com | GeoTrust EV RSA CA 2018 | 2020-07-08 - 2022-07-13 | 2 years
*.inq.com | GeoTrust RSA CA 2018 | 2019-10-30 - 2021-12-08 | 2 years

This page contains 2 frames:

Primary Page: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Frame ID: B523DBDCF138222DE11BEF942F84560D
Requests: 23 HTTP requests in this frame

Frame: https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Frame ID: 16548014E87FBA4AE296BC8A87ECAA8C
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 50%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Page Statistics

24 Requests
96 % HTTPS
0 % IPv6
4 Domains
5 Subdomains
4 IPs
2 Countries
87 kB Transfer
288 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://prestigeinhornecare.com/log/degkijzvponhtxq/dlektbv/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E%5BEMAIL%20ADDRESS%20GOES%20HERE%5D%3C/span%3E HTTP 302
    http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set dlektbv
ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/
Redirect Chain
  • http://prestigeinhornecare.com/log/degkijzvponhtxq/dlektbv/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20s...
  • http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20...
30 KB
11 KB
Document
General
Full URL
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
HTTP/1.1
Server
23.94.5.213 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS
23-94-5-213-host.colocrossing.com
Software
nginx / PHP/7.2.34
Resource Hash
f33405222de0255a55f814166c7e8ee6ae8f6bc168566c711420c177b2f18feb

Request headers

Host
ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US

Response headers

Server
nginx
Date
Mon, 14 Jun 2021 16:00:07 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Vary
Accept-Encoding
X-Powered-By
PHP/7.2.34
Set-Cookie
PHPSESSID=169c15a93ab2b8071857aa77963c1356; path=/ XSRF-TOKEN=eyJpdiI6InhzYnl6TldQK0g1RVhIU05KdTZPRnc9PSIsInZhbHVlIjoiQ01vU1lRbk9kajd4V0lrcWZYdVRzUnFGSjdFN0Zmczg3U0l2WmxOZVE4NzYySm1pV3Q1VVhLWlNVRmZ3NkNMeiIsIm1hYyI6IjhjNDI3ZjEzMTJjYjFmZjI0ZDU0Njc4OWI2NTk4MDBhMzlmNDE4ODBmNTEyZmY2Mzk0NGVlN2Y4MmY2OGM1N2MifQ%3D%3D; expires=Mon, 14-Jun-2021 18:00:07 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IlptWGR6dVhOWEx0NmVWNFwvUkowZmt3PT0iLCJ2YWx1ZSI6InVQUktpNUtkSGF1VGFSRFhISEFEdnZCSjVnRFwvWmhmZWFhWkFOd1NJaVVhUFpxSUN6ZXd3TFhpN0FcL1h1MjlIWiIsIm1hYyI6IjIxNzA1NWYzNThlNDA2NWI4Nzk5OTUxNTMzYmY2MjYwM2MzOWU4MmNhMjMyMjljNTkyZjE5M2M1ZTM1N2Y3YWUifQ%3D%3D; expires=Mon, 14-Jun-2021 18:00:07 GMT; Max-Age=7200; path=/; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate private, must-revalidate
Pragma
no-cache
pragma
no-cache
expires
-1
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 14 Jun 2021 16:00:04 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
1514
Connection
keep-alive
Keep-Alive
timeout=60
X-Powered-By
PHP/7.2.34
Set-Cookie
PHPSESSID=ufs5v661djoc9u0s6hkjmo90d1; path=/ XSRF-TOKEN=eyJpdiI6IldnNEpTcUVmN2I1WUkxc1h6QjZTZlE9PSIsInZhbHVlIjoiNXVFeUJldWh5VTVTRVJyZVpwYWpvemkycU5wbWh2S3hyOFBLWlwvVWk5eDFQQ3E0NFdcLzVtVlpcL2dTNEwzUWh6ZCIsIm1hYyI6ImY3M2I0OTYzZGJlMzU2ZGI1ZmY4MmYwMmFhYzRmODE5NDVjOTY0ZDllNWE0ZGM2OTk0NDdmNDJlYzQ0OGIzNjUifQ%3D%3D; expires=Mon, 14-Jun-2021 18:00:04 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6Ik9xTFpZV0NLdmVjM292RmFwcFV6Wnc9PSIsInZhbHVlIjoieHF1SHgzaEphZ3dJbWtVeDhDcTNERFwvK0F0cEVOK0VuZjdMeDc3T3QwcW1BdW9kQk4wcGo2TDJLbWNaakM2WnEiLCJtYWMiOiIxNjMzOTBkZDQwNGJkNzc2ZTExNzE1NGU5NGY4NmVjYTJlYjdjZjhmNTQ1YjZhNjc2ZmNkZjdhNWJjOTM5OGFjIn0%3D; expires=Mon, 14-Jun-2021 18:00:04 GMT; Max-Age=7200; path=/; httponly
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate private, must-revalidate
Pragma
no-cache
Location
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=<span style='color:green' title='Will be replaced with the subscriber's email address'>[EMAIL ADDRESS GOES HERE]</span>
pragma
no-cache
expires
-1
reset.css
onlinebanking.huntington.com/rol/Styles/Structure/960/
2 KB
1 KB
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Structure/960/reset.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
24cf21f193e68d68b904cbaee94a24ee60140d7e570a6873e3e4f45724c74ef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
948
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
text.css
onlinebanking.huntington.com/rol/Styles/Structure/960/
1 KB
900 B
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Structure/960/text.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtRpid;desc="400096066"
content-length
529
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
960_16_col.css
onlinebanking.huntington.com/rol/Styles/Structure/960/
4 KB
1 KB
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Structure/960/960_16_col.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
821
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
huntington-rol.css
onlinebanking.huntington.com/rol/Styles/Presentation/
57 KB
12 KB
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637553742750000000
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
11576
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
propertyClasses.css
onlinebanking.huntington.com/rol/Styles/Presentation/
598 B
918 B
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Presentation/propertyClasses.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff;
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
etag
"804370aeca3dd71:0"
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0, no-cache, no-store
date
Mon, 14 Jun 2021 16:00:08 GMT
x-ua-compatible
IE=edge
accept-ranges
bytes
content-type
text/css
content-length
598
format-detection
telephone=no
expires
Mon, 14 Jun 2021 16:00:08 GMT
widgets.css
onlinebanking.huntington.com/rol/Styles/Presentation/
12 KB
3 KB
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Presentation/widgets.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
2435
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
NavBar.css
onlinebanking.huntington.com/rol/Styles/Navigation/
2 KB
990 B
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Navigation/NavBar.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtRpid;desc="-866385258"
content-length
618
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
jquery-ui-1.8.9.custom.css
onlinebanking.huntington.com/rol/Styles/JQueryUIThemes/custom-theme/
59 KB
8 KB
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/JQueryUIThemes/custom-theme/jquery-ui-1.8.9.custom.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
7788
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
modal-dialog.css
onlinebanking.huntington.com/rol/Styles/Presentation/
1 KB
920 B
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Presentation/modal-dialog.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtRpid;desc="-1745415510"
content-length
548
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
hnb.aria.common.css
onlinebanking.huntington.com/rol/Styles/
574 B
894 B
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/hnb.aria.common.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff;
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
etag
"804370aeca3dd71:0"
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0, no-cache, no-store
date
Mon, 14 Jun 2021 16:00:08 GMT
x-ua-compatible
IE=edge
accept-ranges
bytes
content-type
text/css
content-length
574
format-detection
telephone=no
expires
Mon, 14 Jun 2021 16:00:08 GMT
Auth.css
onlinebanking.huntington.com/rol/Styles/Presentation/Auth/
6 KB
2 KB
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Presentation/Auth/Auth.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
1800
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
site-survey.min.css
www.huntington.com/Presentation/Styles/
4 KB
2 KB
Stylesheet
General
Full URL
https://www.huntington.com/Presentation/Styles/site-survey.min.css?v=9wo2OrXUNeUe10c3vTcwXGC1EiWtIEx5MI-aYe1RKSk1
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8aa0a535b8d47209c6a2dfc8f3168f5922e84d5aafb98e8a9db0300dddadacaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtRpid;desc="-1107057067"
content-length
1249
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 May 2021 02:05:24 GMT
x-frame-options
sameorigin
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=1336581
etag
"08a7f461c42d71:0"
accept-ranges
bytes
expires
Wed, 30 Jun 2021 03:16:29 GMT
oo_icon_retina_black.gif
www.huntington.com/Presentation/onlineopinionV5/
552 B
951 B
Image
General
Full URL
https://www.huntington.com/Presentation/onlineopinionV5/oo_icon_retina_black.gif
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15f5836e52324d46e89eed325a5de5158f0d9bb29d59e1ffc381d961a1f6980d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
552
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 May 2021 02:05:24 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
x-frame-options
sameorigin
content-type
image/gif
cache-control
public, max-age=1546631
etag
"08a7f461c42d71:0"
accept-ranges
bytes
expires
Fri, 02 Jul 2021 13:37:19 GMT
chat-fab.js
www.huntington.com/Presentation/Scripts/
19 KB
7 KB
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bda16e261ada8f8e66d204ce57bc125ba37369576067f1bb1e22281d4340d66e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtRpid;desc="1106794338"
content-length
7010
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 May 2021 02:05:24 GMT
x-frame-options
sameorigin
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1287724
etag
"08a7f461c42d71:0"
accept-ranges
bytes
expires
Tue, 29 Jun 2021 13:42:12 GMT
site-survey.min.js
www.huntington.com/Presentation/Scripts/
7 KB
3 KB
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d24af619103660b68ae10e64670d3393f5a9e679ef9d69e72a7479071aeb806
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtRpid;desc="-1214653468"
content-length
3053
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 May 2021 02:05:24 GMT
x-frame-options
sameorigin
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=1286590
etag
"08a7f461c42d71:0"
accept-ranges
bytes
expires
Tue, 29 Jun 2021 13:23:18 GMT
logo-lg.png
onlinebanking.huntington.com/rol/Images/UI/
3 KB
3 KB
Image
General
Full URL
https://onlinebanking.huntington.com/rol/Images/UI/logo-lg.png
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff;
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
etag
"804370aeca3dd71:0"
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0, no-cache, no-store
date
Mon, 14 Jun 2021 16:00:08 GMT
x-ua-compatible
IE=edge
accept-ranges
bytes
content-type
image/png
content-length
2560
format-detection
telephone=no
expires
Mon, 14 Jun 2021 16:00:08 GMT
lock.gif
onlinebanking.huntington.com/rol/images/
870 B
1 KB
Image
General
Full URL
https://onlinebanking.huntington.com/rol/images/lock.gif
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff;
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
etag
"804370aeca3dd71:0"
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0, no-cache, no-store
date
Mon, 14 Jun 2021 16:00:08 GMT
x-ua-compatible
IE=edge
accept-ranges
bytes
content-type
image/gif
content-length
870
format-detection
telephone=no
expires
Mon, 14 Jun 2021 16:00:08 GMT
hexlogo-footer-icon.png
onlinebanking.huntington.com/rol/Images/
333 B
654 B
Image
General
Full URL
https://onlinebanking.huntington.com/rol/Images/hexlogo-footer-icon.png
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff;
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
etag
"804370aeca3dd71:0"
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0, no-cache, no-store
date
Mon, 14 Jun 2021 16:00:08 GMT
x-ua-compatible
IE=edge
accept-ranges
bytes
content-type
image/png
content-length
333
format-detection
telephone=no
expires
Mon, 14 Jun 2021 16:00:08 GMT
huntington-rol-print.css
onlinebanking.huntington.com/rol/Styles/Presentation/
8 KB
2 KB
Stylesheet
General
Full URL
https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol-print.css
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff, nosniff;
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-length
2198
format-detection
telephone=no
x-ua-compatible
IE=edge
pragma
no-cache
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=0, no-cache, no-store
etag
"804370aeca3dd71:0"
accept-ranges
bytes
expires
Mon, 14 Jun 2021 16:00:08 GMT
background-960.jpg
onlinebanking.huntington.com/rol/Images/UI/
3 KB
3 KB
Image
General
Full URL
https://onlinebanking.huntington.com/rol/Images/UI/background-960.jpg
Requested by
Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637553742750000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff;

Request headers

Referer
https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637553742750000000
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff, nosniff;
last-modified
Fri, 30 Apr 2021 14:11:15 GMT
etag
"804370aeca3dd71:0"
p3p
CP="NON CUR OTPi OUR NOR UNI"
cache-control
max-age=0, no-cache, no-store
date
Mon, 14 Jun 2021 16:00:08 GMT
x-ua-compatible
IE=edge
accept-ranges
bytes
content-type
image/jpeg
content-length
2997
format-detection
telephone=no
expires
Mon, 14 Jun 2021 16:00:08 GMT
nuanceChat.html
onlinebanking.huntington.com/nuance/ Frame 1654
0
0
Document
General
Full URL
https://onlinebanking.huntington.com/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
Requested by
Host: ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org
URL: http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/559449huntington/07a4ec04cf3a2cc56d4302b38be2a4ab/dlektbv?email=%3Cspan%20style=%27color:green%27%20title=%27Will%20be%20replaced%20with%20the%20subscriber%27s%20email%20address%27%3E[EMAIL%20ADDRESS%20GOES%20HERE]%3C/span%3E
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.139 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-139.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options DENY

Request headers

:method
GET
:authority
onlinebanking.huntington.com
:scheme
https
:path
/nuance/nuanceChat.html?IFRAME&nuance-frame-ac=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-type
text/html
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-frame-options
DENY
cache-control
no-store
content-security-policy
frame-ancestors 'none'
strict-transport-security
max-age=31536000; includeSubDomains
pragma
no-cache
x-akamai-transformed
9 486 0 pmb=mTOE,1
vary
Accept-Encoding
content-encoding
gzip
date
Mon, 14 Jun 2021 16:00:09 GMT
content-length
413
inqChatLaunch10006663.js
huntingtonbank.inq.com/chatskins/launch/
22 KB
7 KB
Script
General
Full URL
https://huntingtonbank.inq.com/chatskins/launch/inqChatLaunch10006663.js
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.189.67.17 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
TouchCommerce Server /
Resource Hash
5004955beb1117ea2bab2134cb77fa518336aeedc87d69d618b8ec0ccfe59765
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 14 Jun 2021 16:00:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
samesite
Strict
server
TouchCommerce Server
etag
"8mtINUw0iVg"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
no-cache
last-modified
Thu, 10 Jun 2021 06:02:13 GMT
accept-ranges
bytes
content-length
6695
x-xss-protection
1; mode=block
expires
Mon, 14 Jun 2021 17:00:08 GMT
oo_engine.min.js
www.huntington.com/Presentation/Scripts/
45 KB
15 KB
Script
General
Full URL
https://www.huntington.com/Presentation/Scripts/oo_engine.min.js?v=X-cSihwIHl195N120D5C4rXIsQ75PPW16cMbjy4g28g1
Requested by
Host: www.huntington.com
URL: https://www.huntington.com/Presentation/Scripts/site-survey.min.js?v=tPzGouYVR7-zlyTNcEs-q3YTKCb9VsZyIL-VBucisQ01
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-147.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1bf7836282cf0a1f1cae452a2b7d03f4857827aa682e36562831fe3bc34f30a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ifiik.bzqgn.yoaucenmsda.ycnjsvu.fzqmwlnv.sgjqalnqdsjrtb.upgx.pbhw.fdgrergfddf.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
server-timing
dtRpid;desc="1185235187"
content-length
14478
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 May 2021 02:05:24 GMT
x-frame-options
sameorigin
date
Mon, 14 Jun 2021 16:00:08 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=964080
etag
"08a7f461c42d71:0"
accept-ranges
bytes
expires
Fri, 25 Jun 2021 19:48:08 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated
object| chatFab
object| nuanceData
object| siteSurvey
object| OOo
undefined| cookies
undefined| cookie
undefined| eqPos
undefined| cookieName
undefined| href
undefined| _script
function| getParentV3LanderConfig
function| getOpenerV3LanderConfig
function| getV3LanderConfigProperty
function| evaluateLegacySettings
object| v3LanderConfig
object| v3Lander
object| InqRegistry

0 Cookies

2 Console Messages

Source: console-api
Level: info
URL: https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1 (Line 1)
Message: EXPERIENCE: pilot eligible

Source: console-api
Level: info
URL: https://www.huntington.com/Presentation/Scripts/chat-fab.js?v=2W7D9jTS4BDB12vKq_lLxtDms1eUQAAp7NNW_8gfM0Q1 (Line 1)
Message: starting in chatbot mode

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
