osidkfhdnsgris.duckdns.org
185.196.8.138  Malicious Activity! Public Scan

Submitted URL: https://t.co/C2TDt1sbbU?amp=1sdhdnu3w
Effective URL: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Submission: On July 19 via manual from US

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 185.196.8.138, located in Houston, United States and belongs to SIMPLECARRER2, US. The main domain is osidkfhdnsgris.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 13th 2021. Valid for: 3 months.
This is the only time osidkfhdnsgris.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PNC Financial (Banking)

Domain & IP information

Requests  IP Address     AS (Autonomous System)
1         104.244.42.5   13414 (TWITTER)
1 (1 redirect)  13.224.99.3  16509 (AMAZON-02)
4         185.196.8.138  34888 (SIMPLECARRER2)
15        23.45.109.64   16625 (AKAMAI-AS)
Total: 20 requests across 3 IPs
Requests  Apex Domain  Subdomains                  Transfer
15        pnc.com      www.onlinebanking.pnc.com   59 KB
4         duckdns.org  osidkfhdnsgris.duckdns.org  5 KB
1         onelink.me   d0fuo.onelink.me            313 B
1         t.co         t.co                        504 B
Total: 20 requests across 4 apex domains
Requests  Domain                      Requested by
15        www.onlinebanking.pnc.com   osidkfhdnsgris.duckdns.org, www.onlinebanking.pnc.com
4         osidkfhdnsgris.duckdns.org  t.co, osidkfhdnsgris.duckdns.org
1         d0fuo.onelink.me            (1 redirect)
1         t.co
Total: 20 requests across 4 domains

This site contains links to these domains.

Domain
www.pnc.com

Subject                     Issuer                                                Validity                 Valid
t.co                        DigiCert TLS RSA SHA256 2020 CA1                      2021-02-05 - 2022-02-04  a year
osidkfhdnsgris.duckdns.org  cPanel, Inc. Certification Authority                  2021-07-13 - 2021-10-11  3 months
www.onlinebanking.pnc.com   Sectigo RSA Organization Validation Secure Server CA  2020-02-05 - 2022-02-04  2 years

This page contains 2 frames:

Primary Page: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Frame ID: 2C73206E39C9E3F72147316EDED11926
Requests: 19 HTTP requests in this frame

Frame: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/index_2.html
Frame ID: 7F785CD9CCD87EEA8B65DFEBFE8B2AB0
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 3
Countries: 2
Transfer: 64 kB
Size: 276 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/C2TDt1sbbU?amp=1sdhdnu3w Page URL
  2. https://d0fuo.onelink.me/DXsi/dnus7sdi HTTP 302
    https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

C2TDt1sbbU  t.co/  270 B  504 B  Document
General
Full URL
https://t.co/C2TDt1sbbU?amp=1sdhdnu3w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5, United States, ASN13414 (TWITTER, US)
Reverse DNS
Software
tsa_o /
Resource Hash
29ef8df8434833713e670f03526c1cef9f2cfb19c7d7e5e9cf4628f807a7d024
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/C2TDt1sbbU?amp=1sdhdnu3w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:07 GMT
vary
Origin
server
tsa_o
expires
Mon, 19 Jul 2021 00:33:07 GMT
set-cookie
muc=0c0d2ee5-5f53-47ce-9504-e4984570a011; Max-Age=63072000; Expires=Wed, 19 Jul 2023 00:28:07 GMT; Domain=t.co; Secure; SameSite=None
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
188
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-connection-hash
1633fd261a09d2c33feac8c88f8a48e963a43b4d9e97cd85e1bee9372f5da365

Primary Request /  osidkfhdnsgris.duckdns.org/83kuh3753u3h/  19 KB  5 KB  Document
Redirect Chain
  • https://d0fuo.onelink.me/DXsi/dnus7sdi
  • https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
General
Full URL
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Requested by
Host: t.co
URL: https://t.co/C2TDt1sbbU?amp=1sdhdnu3w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.196.8.138 Houston, United States, ASN34888 (SIMPLECARRER2, US),
Reverse DNS
cphost22.qhoster.net
Software
LiteSpeed / PHP/7.3.29
Resource Hash
f5d041b2d44847df9198d03e695f651fe9aa91bf1555331f9236d624c03714a2

Request headers

:method
GET
:authority
osidkfhdnsgris.duckdns.org
:scheme
https
:path
/83kuh3753u3h/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://t.co/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://t.co/C2TDt1sbbU?amp=1sdhdnu3w

Response headers

x-powered-by
PHP/7.3.29
set-cookie
cazanova=e3aa2c909163eb1dabb3bac5f1713e5518185078; expires=Mon, 19-Jul-2021 02:28:08 GMT; Max-Age=7200; path=/; HttpOnly; secure
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Mon, 19 Jul 2021 00:28:08 GMT
server
LiteSpeed
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Redirect headers

content-type
application/octet-stream
content-length
0
location
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
date
Mon, 19 Jul 2021 00:28:07 GMT
server
http-kit
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Miss from cloudfront
via
1.1 6b0e09b8a7d995016df1513b4b11c17e.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
aFGC_OocRrpxJHbLu8FSiQyjGONq3f45pQEzM_dtAzSJAuYvGqO3iQ==

common.css  www.onlinebanking.pnc.com/css2/  243 KB  41 KB  Stylesheet
General
Full URL
https://www.onlinebanking.pnc.com/css2/common.css
Requested by
Host: osidkfhdnsgris.duckdns.org
URL: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
455e51d8d0a5eef169c9096a93d1551314ed14fb749f5513c5739e8c9cfe377a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jul 2021 14:11:54 GMT
server
Apache
etag
"3cc00-5c6750102fe80"
vary
Accept-Encoding
content-type
text/css
server-timing
dtRpid;desc="-2055691036"
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
42138
x-xss-protection
1

company_logo.1033.1.jpg  osidkfhdnsgris.duckdns.org/83kuh3753u3h/Include/  0  26 B  Image
General
Full URL
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/Include/company_logo.1033.1.jpg
Requested by
Host: osidkfhdnsgris.duckdns.org
URL: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.196.8.138 Houston, United States, ASN34888 (SIMPLECARRER2, US),
Reverse DNS
cphost22.qhoster.net
Software
LiteSpeed / PHP/7.3.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/83kuh3753u3h/Include/company_logo.1033.1.jpg
pragma
no-cache
cookie
cazanova=e3aa2c909163eb1dabb3bac5f1713e5518185078
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
osidkfhdnsgris.duckdns.org
referer
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:08 GMT
server
LiteSpeed
x-powered-by
PHP/7.3.29
content-length
0
content-type
text/html; charset=UTF-8

livelook.png  www.onlinebanking.pnc.com/Images2/livelook/  1 KB  1 KB  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/livelook/livelook.png
Requested by
Host: osidkfhdnsgris.duckdns.org
URL: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a5e34dff715ae6800da8ea8beab0abd05a036f8eb52e12ccf6ca43b67961867a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://osidkfhdnsgris.duckdns.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 03:29:50 GMT
server
Akamai Image Manager
etag
"528-5c6750102fe80"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=43200
content-length
1162
x-xss-protection
1
expires
Mon, 19 Jul 2021 12:28:08 GMT

lock.png  osidkfhdnsgris.duckdns.org/83kuh3753u3h/Include/  0  24 B  Image
General
Full URL
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/Include/lock.png
Requested by
Host: osidkfhdnsgris.duckdns.org
URL: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.196.8.138 Houston, United States, ASN34888 (SIMPLECARRER2, US),
Reverse DNS
cphost22.qhoster.net
Software
LiteSpeed / PHP/7.3.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/83kuh3753u3h/Include/lock.png
pragma
no-cache
cookie
cazanova=e3aa2c909163eb1dabb3bac5f1713e5518185078
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
osidkfhdnsgris.duckdns.org
referer
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:08 GMT
server
LiteSpeed
x-powered-by
PHP/7.3.29
content-length
0
content-type
text/html; charset=UTF-8

reset.css  www.onlinebanking.pnc.com/css2/  1 KB  863 B  Stylesheet
General
Full URL
https://www.onlinebanking.pnc.com/css2/reset.css
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5383c4886a2e2802ca1e09b5a08a18c8fbb9fd65b590c055882a2c709cd3dd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 06 Jul 2021 14:11:54 GMT
server
Apache
etag
"4ce-5c6750102fe80"
vary
Accept-Encoding
content-type
text/css
server-timing
dtRpid;desc="-1285842635"
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
626
x-xss-protection
1

index_2.html  osidkfhdnsgris.duckdns.org/83kuh3753u3h/ (Frame 7F78)  0  47 B  Document
General
Full URL
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/index_2.html
Requested by
Host: osidkfhdnsgris.duckdns.org
URL: https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.196.8.138 Houston, United States, ASN34888 (SIMPLECARRER2, US),
Reverse DNS
cphost22.qhoster.net
Software
LiteSpeed / PHP/7.3.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
osidkfhdnsgris.duckdns.org
:scheme
https
:path
/83kuh3753u3h/index_2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
cazanova=e3aa2c909163eb1dabb3bac5f1713e5518185078
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://osidkfhdnsgris.duckdns.org/83kuh3753u3h/

Response headers

x-powered-by
PHP/7.3.29
content-type
text/html; charset=UTF-8
content-length
0
date
Mon, 19 Jul 2021 00:28:09 GMT
server
LiteSpeed

bg_fade.png  www.onlinebanking.pnc.com/Images2/wrapper/  244 B  487 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/wrapper/bg_fade.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
edc468fb28baeb12d16bb1b039b8b384f7b02cab15e4457a35441c4236f7d216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 18 Jul 2021 11:37:08 GMT
server
Akamai Image Manager
etag
"18c-5c6750102fe80"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
244
x-xss-protection
1
expires
Mon, 19 Jul 2021 12:28:09 GMT

topHeader_Short_bg.png  www.onlinebanking.pnc.com/Images2/wrapper/  7 KB  7 KB  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/wrapper/topHeader_Short_bg.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
504bd0d64fe73a49f07ebbb1682f3d1b7c58298d70040f5e0d997d819022a0be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 17:56:40 GMT
server
Akamai Image Server
etag
"1be5-5c6138fa22600"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=1800
x-akamai-im-skip-dlr
1
x-akamai-note
original-image
content-length
7141
x-xss-protection
1
expires
Mon, 19 Jul 2021 00:58:10 GMT

navSprite.png  www.onlinebanking.pnc.com/Images2/  2 KB  3 KB  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/navSprite.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Server /
Resource Hash
5c7484f3edb6fe12bee237d7a090c728a3a2fa2cdf61b7637953fadd404fcaa3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:10 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Jul 2021 17:56:40 GMT
server
Akamai Image Server
etag
"950-5c6138fa22600"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=1800
x-akamai-note
original-image
content-length
2384
x-xss-protection
1
expires
Mon, 19 Jul 2021 00:58:10 GMT

noNav_bg.png  www.onlinebanking.pnc.com/Images2/wrapper/  354 B  626 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/wrapper/noNav_bg.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
6a1e22db4bf8076f7b2e67115b94dfe458743fe8e3be5e59373c45810d28d199
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
670
etag
"213-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=43200
last-modified
Sat, 26 Jun 2021 04:38:25 GMT
content-length
354
x-xss-protection
1
server
Akamai Image Manager
expires
Mon, 19 Jul 2021 12:28:09 GMT

content_bg.png  www.onlinebanking.pnc.com/Images2/wrapper/  142 B  382 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/wrapper/content_bg.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
424171982c2e7b6ea8e2750cc0c709a103ac79291218331b6e0d86b2e5db7459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
last-modified
Sat, 26 Jun 2021 04:38:39 GMT
server
Akamai Image Manager
etag
"c2-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=43200
content-length
142
x-xss-protection
1
expires
Mon, 19 Jul 2021 12:28:09 GMT

panelSprite.png  www.onlinebanking.pnc.com/Images2/  712 B  983 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/panelSprite.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
fb8dc6f43f5fef822508fe0429d55e26c1082db8e300f56bee728b6b2de58c47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
258
etag
"2c8-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/png
cache-control
private, no-transform, max-age=43200
last-modified
Sat, 26 Jun 2021 04:43:59 GMT
content-length
712
x-xss-protection
1
server
Akamai Image Manager
expires
Mon, 19 Jul 2021 12:28:09 GMT

topRight.png  www.onlinebanking.pnc.com/Images2/panels/  150 B  422 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/panels/topRight.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
d21fb7c639ad1467608e47d38d195d3053c16dfdd71eee7895921f3f3599fd6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
744
etag
"10d-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Sat, 26 Jun 2021 04:53:00 GMT
content-length
150
x-xss-protection
1
server
Akamai Image Manager
expires
Mon, 19 Jul 2021 12:28:09 GMT

buttons_disabled.png  www.onlinebanking.pnc.com/Images2/buttons/  172 B  444 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/buttons/buttons_disabled.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
e1ab40e38e139a56c56e2d27adc3b206bac6ff6555407314e869568630695df0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1959
etag
"160-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Sat, 26 Jun 2021 04:40:19 GMT
content-length
172
x-xss-protection
1
server
Akamai Image Manager
expires
Mon, 19 Jul 2021 12:28:09 GMT

botRight.png  www.onlinebanking.pnc.com/Images2/panels/  100 B  341 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/panels/botRight.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
a99772fc532f03960dd45ea143b95b35134a4451474496a990923794051a8687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
last-modified
Sat, 26 Jun 2021 04:38:42 GMT
server
Akamai Image Manager
etag
"db-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
100
x-xss-protection
1
expires
Mon, 19 Jul 2021 12:28:09 GMT

blank_topLeft.png  www.onlinebanking.pnc.com/Images2/panels/  170 B  412 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/panels/blank_topLeft.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ea5a07b73992e6376dad3be745a98001e77bdff9a1ed88ae0f49e5825957e294
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
last-modified
Sat, 26 Jun 2021 04:36:14 GMT
server
Akamai Image Manager
etag
"14b-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
content-length
170
x-xss-protection
1
expires
Mon, 19 Jul 2021 12:28:09 GMT

blank_topRight.png  www.onlinebanking.pnc.com/Images2/panels/  94 B  365 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/panels/blank_topRight.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
5967c6966f0c716e80d31797c83a4a56ed5ac22efc8b6694420d31bcbd93f3d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
1003
etag
"e4-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Sat, 26 Jun 2021 04:37:41 GMT
content-length
94
x-xss-protection
1
server
Akamai Image Manager
expires
Mon, 19 Jul 2021 12:28:09 GMT

footer_bot.png  www.onlinebanking.pnc.com/Images2/wrapper/  628 B  901 B  Image
General
Full URL
https://www.onlinebanking.pnc.com/Images2/wrapper/footer_bot.png
Requested by
Host: www.onlinebanking.pnc.com
URL: https://www.onlinebanking.pnc.com/css2/common.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.109.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-109-64.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
15437ff9e91a30ac2260c86ec2da1ad95bc1a508f610951a8ced45736e548fda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://www.onlinebanking.pnc.com/css2/common.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 00:28:09 GMT
x-content-type-options
nosniff
x-check-cacheable
YES
x-serial
986
etag
"45b-5c4ba98331900"
strict-transport-security
max-age=31536000
content-type
image/webp
cache-control
private, no-transform, max-age=43200
last-modified
Sat, 26 Jun 2021 04:43:58 GMT
content-length
628
x-xss-protection
1
server
Akamai Image Manager
expires
Mon, 19 Jul 2021 12:28:09 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: PNC Financial (Banking)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    | 0
object    | onbeforexrselect
object    | ontransitionrun
object    | ontransitionstart
object    | ontransitioncancel
object    | cookieStore
function  | showDirectoryPicker
function  | showOpenFilePicker
function  | showSaveFilePicker
boolean   | originAgentCluster
object    | trustedTypes
boolean   | crossOriginIsolated
function  | check

1 Cookies

Domain/Path                  Name      Value
osidkfhdnsgris.duckdns.org/  cazanova  e3aa2c909163eb1dabb3bac5f1713e5518185078

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0