kcdbnk.com Open in urlscan Pro
198.46.134.245 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kcdbnk.com/huntington/
Submission: On April 22 via automatic, source openphish (April 22nd 2021, 1:58:32 pm UTC)

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 16 HTTP transactions. The main IP is 198.46.134.245, located in United States and belongs to AS-COLOCROSSING, US. The main domain is kcdbnk.com.

This is the only time kcdbnk.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 5	198.46.134.245 198.46.134.245	36352 (AS-COLOCR...) (AS-COLOCROSSING)
12	184.86.103.219 184.86.103.219	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2

5 198.46.134.245 (United States) 1 redirects

ASN36352 (AS-COLOCROSSING, US)
PTR: rs201.nsresponse.com

kcdbnk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 184.86.103.219 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-103-219.deploy.static.akamaitechnologies.com

onlinebanking.huntington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	huntington.com onlinebanking.huntington.com	36 KB
5	kcdbnk.com 1 redirects kcdbnk.com	8 KB
16	2

	Domain	Requested by
12	onlinebanking.huntington.com	kcdbnk.com onlinebanking.huntington.com
5	kcdbnk.com	1 redirects kcdbnk.com
16	2

This site contains links to these domains. Also see Links.

Domain
www.huntington.com

Subject Issuer	Validity	Valid
huntington.com GeoTrust EV RSA CA 2018	`2020-07-08` - `2022-07-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://kcdbnk.com/huntington/
Frame ID: 225529A41CF72EE57F557157726316C4
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://kcdbnk.com/huntington HTTP 301
http://kcdbnk.com/huntington/ Page URL

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

16
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

43 kB
Transfer

167 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.huntington.com/customer-service/contact-us
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kcdbnk.com/huntington HTTP 301
http://kcdbnk.com/huntington/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
kcdbnk.com/huntington/
Redirect Chain

http://kcdbnk.com/huntington
http://kcdbnk.com/huntington/

9 KB
3 KB

159ms
159ms

Document
text/html

198.46.134.245
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to

Full URL: http://kcdbnk.com/huntington/
Protocol: HTTP/1.1
Server: 198.46.134.245 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: rs201.nsresponse.com
Software: LiteSpeed / PHP/5.6.40
Resource Hash: d4ea2b5b748e038caaa5e809e34b36d2ef6992cc342de829562212a10fd1b9df

Request headers

Host: kcdbnk.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
X-Powered-By: PHP/5.6.40
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 22 Apr 2021 13:58:14 GMT
Server: LiteSpeed

Redirect headers

Connection: Keep-Alive
Content-Type: text/html
Content-Length: 707
Date: Thu, 22 Apr 2021 13:58:14 GMT
Server: LiteSpeed
Location: http://kcdbnk.com/huntington/

GET
H2 200 text.css
onlinebanking.huntington.com/rol/Styles/Structure/960/ 1 KB
868 B 204ms
43ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Structure/960/text.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 529
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "0e637cddc27d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 960_16_col.css
onlinebanking.huntington.com/rol/Styles/Structure/960/ 4 KB
1 KB 203ms
42ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Structure/960/960_16_col.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 821
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Thu, 08 Apr 2021 22:22:34 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "03134acc52cd71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 huntington-rol.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 57 KB
12 KB 244ms
83ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637309499230000000

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 11576
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "0e637cddc27d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 propertyClasses.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 598 B
917 B 223ms
62ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/propertyClasses.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
etag: "0e637cddc27d71:0"
p3p: CP="NON CUR OTPi OUR NOR UNI"
cache-control: max-age=0, no-cache, no-store
date: Thu, 22 Apr 2021 13:58:15 GMT
x-ua-compatible: IE=edge
accept-ranges: bytes
content-type: text/css
content-length: 598
format-detection: telephone=no
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 widgets.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 12 KB
3 KB 243ms
83ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/widgets.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 2435
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 12 Mar 2021 23:22:49 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "802ac29d9617d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 NavBar.css
onlinebanking.huntington.com/rol/Styles/Navigation/ 2 KB
957 B 259ms
99ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Navigation/NavBar.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 618
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "0e637cddc27d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 jquery-ui-1.8.9.custom.css
onlinebanking.huntington.com/rol/Styles/JQueryUIThemes/custom-theme/ 59 KB
8 KB 245ms
85ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/JQueryUIThemes/custom-theme/jquery-ui-1.8.9.custom.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 7788
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "0e637cddc27d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 modal-dialog.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 1 KB
887 B 272ms
112ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/modal-dialog.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 548
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "0e637cddc27d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 hnb.aria.common.css
onlinebanking.huntington.com/rol/Styles/ 574 B
893 B 242ms
82ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/hnb.aria.common.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
etag: "0e637cddc27d71:0"
p3p: CP="NON CUR OTPi OUR NOR UNI"
cache-control: max-age=0, no-cache, no-store
date: Thu, 22 Apr 2021 13:58:15 GMT
x-ua-compatible: IE=edge
accept-ranges: bytes
content-type: text/css
content-length: 574
format-detection: telephone=no
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 Auth.css
onlinebanking.huntington.com/rol/Styles/Presentation/Auth/ 6 KB
2 KB 270ms
110ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/Auth/Auth.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 1800
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 02 Apr 2021 16:25:32 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "0e637cddc27d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H/1.1 200
OK logo-lg.png
kcdbnk.com/huntington/image/ 3 KB
3 KB 119ms
108ms Image
image/png 198.46.134.245
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kcdbnk.com/huntington/image/logo-lg.png
Requested by: Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/
Protocol: HTTP/1.1
Server: 198.46.134.245 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: rs201.nsresponse.com
Software: LiteSpeed /
Resource Hash: 4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf

Request headers

Referer: http://kcdbnk.com/huntington/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Apr 2021 13:58:14 GMT
Last-Modified: Tue, 18 Aug 2020 00:54:42 GMT
Server: LiteSpeed
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2560
Expires: Thu, 29 Apr 2021 13:58:14 GMT

GET
H/1.1 200
OK lock.gif
kcdbnk.com/huntington/image/ 870 B
1 KB 225ms
200ms Image
image/gif 198.46.134.245
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kcdbnk.com/huntington/image/lock.gif
Requested by: Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/
Protocol: HTTP/1.1
Server: 198.46.134.245 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: rs201.nsresponse.com
Software: LiteSpeed /
Resource Hash: 5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3

Request headers

Referer: http://kcdbnk.com/huntington/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Apr 2021 13:58:15 GMT
Last-Modified: Tue, 18 Aug 2020 00:54:45 GMT
Server: LiteSpeed
Content-Type: image/gif
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 870
Expires: Thu, 29 Apr 2021 13:58:15 GMT

GET
H/1.1 200
OK hexlogo-footer-icon.png
kcdbnk.com/huntington/image/ 333 B
625 B 226ms
200ms Image
image/png 198.46.134.245
AS-COLOCROSSING

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://kcdbnk.com/huntington/image/hexlogo-footer-icon.png
Requested by: Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/
Protocol: HTTP/1.1
Server: 198.46.134.245 , United States, ASN36352 (AS-COLOCROSSING, US),
Reverse DNS: rs201.nsresponse.com
Software: LiteSpeed /
Resource Hash: deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505

Request headers

Referer: http://kcdbnk.com/huntington/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 22 Apr 2021 13:58:15 GMT
Last-Modified: Tue, 18 Aug 2020 01:02:50 GMT
Server: LiteSpeed
Content-Type: image/png
Cache-Control: public, max-age=604800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 333
Expires: Thu, 29 Apr 2021 13:58:15 GMT

GET
H2 200 huntington-rol-print.css
onlinebanking.huntington.com/rol/Styles/Presentation/ 8 KB
2 KB 70ms
63ms Stylesheet
text/css 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol-print.css

Requested by

Host: kcdbnk.com
URL: http://kcdbnk.com/huntington/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: http://kcdbnk.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff, nosniff;
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-length: 2198
format-detection: telephone=no
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Fri, 12 Mar 2021 23:22:49 GMT
date: Thu, 22 Apr 2021 13:58:15 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
etag: "802ac29d9617d71:0"
accept-ranges: bytes
expires: Thu, 22 Apr 2021 13:58:15 GMT

GET
H2 200 background-960.jpg
onlinebanking.huntington.com/rol/Images/UI/ 3 KB
3 KB 29ms
28ms Image
image/jpeg 184.86.103.219
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.huntington.com/rol/Images/UI/background-960.jpg

Requested by

Host: onlinebanking.huntington.com
URL: https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637309499230000000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.86.103.219 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-86-103-219.deploy.static.akamaitechnologies.com

Software

Resource Hash

f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff;

Request headers

Referer: https://onlinebanking.huntington.com/rol/Styles/Presentation/huntington-rol.css?holv=637309499230000000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff;
last-modified: Thu, 08 Apr 2021 22:22:34 GMT
etag: "03134acc52cd71:0"
p3p: CP="NON CUR OTPi OUR NOR UNI"
cache-control: max-age=0, no-cache, no-store
date: Thu, 22 Apr 2021 13:58:15 GMT
x-ua-compatible: IE=edge
accept-ranges: bytes
content-type: image/jpeg
content-length: 2997
format-detection: telephone=no
expires: Thu, 22 Apr 2021 13:58:15 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kcdbnk.com
onlinebanking.huntington.com
184.86.103.219
198.46.134.245
22d1d430fb9575bcf54932ea71e39ccaccd62c19ca67270d56ef30f56d56f67e
2f9215b9ab85c0e224d2d0b37b77be86fed52ded385e96aff0f1beb32f3fe5cc
3de2992764859f7d334186c4166f0c16cfb6f38da0e1fdb0f477b7c6a08485dd
408236bad13858212891ee9591c5f10f4e11b891f6001f5327c146afe9d10d45
4183be66219d8fcbeefc40c65029ae45cd6c27e3fb469cf85633af1876b8bebf
4e397d4cdd3f6b1da8992479abdeb0443f24d852e63ec5c0c7ed2dd3f0fdc34b
5651db6cf27864f6a9fc7b44bce870b799057c58d7fc0e32f5a640172a88a7e3
65916412ccdbd807d52915f418c2d5ea5451a2bc1af904ab8702634e88e54991
70c00dd2e53aff643a9cd3f6bd7fcecf934056d5c076c3540b89c9d05a96e012
88f039834ad283597f08b9dc10a59c598a7a9f52630f49285361cc703d51da7a
895f1145b735fc25b1eb72359fa693b52b13c3e950b876799893e42ace819a36
ac4c79f5ea44ab2c5a9871c08098066c6ad1d6b87293dd8f19045ce0559d2c19
d4ea2b5b748e038caaa5e809e34b36d2ef6992cc342de829562212a10fd1b9df
deb61527bc56e95dddf597d429991ca5a6002890ab8990b3c268926e6920b505
e226a30e910cd4638a4ff1fbf8ba8e926ef0e01678e74dfac812c334a9985328
f35791a298f11f56a270a7fe6e0eec32c073de76e1ba54e126b6a765ff3ae200

kcdbnk.com Open in urlscan Pro 198.46.134.245 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

75 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

43 kBTransfer

167 kBSize

0 Cookies

1 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

kcdbnk.com Open in urlscan Pro
198.46.134.245 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

75 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

43 kB
Transfer

167 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!