urlscan.io logo urlscan.io
SecurityTrails logo

huntington-ir.com Open in urlscan Pro
216.226.155.194  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ir.tcfbank.com/
Effective URL: http://huntington-ir.com/
Submission: On November 20 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 216.226.155.194, located in Columbus, United States and belongs to WOW-INTERNET, US. The main domain is huntington-ir.com.
This is the only time huntington-ir.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Huntington Bank (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 2.16.241.92 20940 (AKAMAI-ASN1)
12 216.226.155.194 12083 (WOW-INTERNET)
2 2.16.241.77 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
16 3
Apex Domain
Subdomains		 Transfer
12 huntington-ir.com
huntington-ir.com
1 MB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
20 KB
2 huntington.com
www.huntington.com — Cisco Umbrella Rank: 60541
2 KB
1 tcfbank.com
ir.tcfbank.com
318 B
16 4
Domain Requested by
12 huntington-ir.com huntington-ir.com
2 www.google-analytics.com huntington-ir.com
www.google-analytics.com
2 www.huntington.com huntington-ir.com
1 ir.tcfbank.com 1 redirects
16 4
Subject Issuer Validity Valid
huntington.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-10 -
2023-05-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://huntington-ir.com/
Frame ID: 04C93D5E46B02E2B4D8E6063320B7B65
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ir.tcfbank.com/ HTTP 301
    http://huntington-ir.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

19 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

1187 kB
Transfer

1214 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ir.tcfbank.com/ HTTP 301
    http://huntington-ir.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
huntington-ir.com/
Redirect Chain
  • http://ir.tcfbank.com/
  • http://huntington-ir.com/
54 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
eeb3a59fa1b1f899472677b9c3536c3ea8cf31b3c115480b23221e66e003912d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
close
Content-Type
text/html; charset=UTF-8
Date
Sun, 20 Nov 2022 07:30:26 GMT
Server
Apache/2.0.52 (CentOS)
Transfer-Encoding
chunked

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sun, 20 Nov 2022 07:30:25 GMT
Expires
Sun, 20 Nov 2022 07:30:25 GMT
Location
http://huntington-ir.com
Pragma
no-cache
Server-Timing
cdn-cache; desc=HIT edge; dur=1
toolkit.css
huntington-ir.com/styles/ 		124 KB
124 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/styles/toolkit.css
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
8eda4f79f753bcec676f1e351880590e366ddf47dac4ced87e766ced8dd7146d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:26 GMT
Last-Modified
Thu, 02 Apr 2020 00:50:48 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"524019-1eef8-310d8a00"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
126712
modernizr.js
huntington-ir.com/scripts/ 		21 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/scripts/modernizr.js
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
cc0c10079662c9b244ede88022ef8316e7902d0789acedb11134c413bcbdb5d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:26 GMT
Last-Modified
Fri, 06 Sep 2019 21:58:05 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"220027-5432-8860b540"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
21554
jquery-1.10.2.js
huntington-ir.com/scripts/ 		268 KB
268 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/scripts/jquery-1.10.2.js
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
04139845ce14169e9b9cfad22c4a879dce68914b3875e71112b28bafbf96bf56

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:26 GMT
Last-Modified
Fri, 06 Sep 2019 21:58:04 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"220022-42e46-88517300"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
273990
jquery.unobtrusive-ajax.js
huntington-ir.com/scripts/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/scripts/jquery.unobtrusive-ajax.js
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
c4fd6530994f6fed74c72a649f4938d2e2f97eb167c179314fc39b400c0aadb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:26 GMT
Last-Modified
Fri, 06 Sep 2019 21:58:04 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"220026-1919-88517300"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
6425
H-Welcome_Logo_2019_GREEN_GRAY_RGB.png
huntington-ir.com/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://huntington-ir.com/images/H-Welcome_Logo_2019_GREEN_GRAY_RGB.png
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
5de537351edba81c85245eac099b5eb3a7e59408f3eea0b8f18cda7eae600d65

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:27 GMT
Last-Modified
Fri, 29 Oct 2021 15:31:53 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"634051-5ecb-86ce0c40"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
24267
lockup.svg
www.huntington.com/~/media/hcom/global/logo/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntington.com/~/media/hcom/global/logo/lockup.svg
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-77.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38c973e72b29d0c5f054034abecb6f92d1f30fac5aeeb5d0300de1cce156ade3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains, max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Nov 2022 07:30:27 GMT
x-permitted-cross-domain-policies
master-only
p3p
CP="NON CUR OTPi OUR NOR UNI"
content-disposition
inline; filename="lockup.svg"
content-length
1578
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 14 Jul 2020 14:26:49 GMT
etag
25ac81b1cb8b4557ac63e0186de9a92b
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=911176
accept-ranges
bytes
expires
Wed, 30 Nov 2022 20:36:43 GMT
document_open-sm.png
huntington-ir.com/img/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://huntington-ir.com/img/document_open-sm.png
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
36cbc5b49d0e61aa818097c25690241285f19c79437ee559d8a6ce5764a307d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:27 GMT
Last-Modified
Fri, 06 Sep 2019 21:54:37 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"bb403b-76f8-7bfae140"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
30456
at-good-sm.png
huntington-ir.com/img/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://huntington-ir.com/img/at-good-sm.png
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
b626cacce5c3456c70aea87181809a5e8cf07936fc644080870637d42c38af8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:28 GMT
Last-Modified
Fri, 06 Sep 2019 21:54:34 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"bb4032-750f-7bcd1a80"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
29967
minilogo.gif
www.huntington.com/-/media/hcom/global/logo/ 		146 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.huntington.com/-/media/hcom/global/logo/minilogo.gif?la=en
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.241.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-241-77.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b829e666e60ea0bd215c8688e67e7e810687358d6cfdf3d9d8f3bde12fb78d51

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 07:30:27 GMT
last-modified
Wed, 08 Jun 2022 19:50:39 GMT
x-serial
1946
server
Akamai Image Manager
x-check-cacheable
YES
etag
6c4597a4afe84ad6a0b62cf522711d1e
content-type
image/webp
cache-control
private, no-transform, max-age=3592
content-length
146
expires
Sun, 20 Nov 2022 08:30:19 GMT
toolkit.js
huntington-ir.com/scripts/ 		490 KB
491 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/scripts/toolkit.js
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
f942a8005da6ee2aa0caa6bde29c49edb76317f75befa8c5f4308859b614c7f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:27 GMT
Last-Modified
Fri, 06 Sep 2019 21:58:04 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"220033-7a945-88517300"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
502085
HuntingtonApexWeb-Medium.woff
huntington-ir.com/fonts/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/fonts/HuntingtonApexWeb-Medium.woff
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/styles/toolkit.css
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
17e308faef5acc6838e7b3cf8673092abb4359d1c8d1d6a88d0e9c724d14eadf

Request headers

Referer
http://huntington-ir.com/styles/toolkit.css
Origin
http://huntington-ir.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:27 GMT
Last-Modified
Fri, 06 Sep 2019 21:54:24 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"b3403a-961e-7b348400"
Content-Type
text/plain; charset=UTF-8
Connection
close
Accept-Ranges
bytes
Content-Length
38430
HuntingtonApexWeb-Bold.woff
huntington-ir.com/fonts/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/fonts/HuntingtonApexWeb-Bold.woff
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/styles/toolkit.css
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
d0fa57b694e54da5e499dd824c97cf63f0c6b50771912f048bc46d457367f86a

Request headers

Referer
http://huntington-ir.com/styles/toolkit.css
Origin
http://huntington-ir.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:27 GMT
Last-Modified
Fri, 06 Sep 2019 21:54:26 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"b34022-949e-7b530880"
Content-Type
text/plain; charset=UTF-8
Connection
close
Accept-Ranges
bytes
Content-Length
38046
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/
Protocol
H2
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://huntington-ir.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 20 Nov 2022 07:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
873
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 20 Nov 2022 09:15:54 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
HuntingtonApexWeb-MediumCaps.woff
huntington-ir.com/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://huntington-ir.com/fonts/HuntingtonApexWeb-MediumCaps.woff
Requested by
Host: huntington-ir.com
URL: http://huntington-ir.com/styles/toolkit.css
Protocol
HTTP/1.1
Server
216.226.155.194 Columbus, United States, ASN12083 (WOW-INTERNET, US),
Reverse DNS
mailsvr.investquest.com
Software
Apache/2.0.52 (CentOS) /
Resource Hash
443674d2610fd9f2ad64571e7c8a4500d6f1f89312a9b6634cfaf3f68f6ea239

Request headers

Referer
http://huntington-ir.com/styles/toolkit.css
Origin
http://huntington-ir.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Sun, 20 Nov 2022 07:30:27 GMT
Last-Modified
Fri, 06 Sep 2019 21:54:27 GMT
Server
Apache/2.0.52 (CentOS)
ETag
"b3403d-a386-7b624ac0"
Content-Type
text/plain; charset=UTF-8
Connection
close
Accept-Ranges
bytes
Content-Length
41862
collect
www.google-analytics.com/j/ 		2 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2011839026&t=pageview&_s=1&dl=http%3A%2F%2Fhuntington-ir.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1794288099&gjid=1253045679&cid=224210860.1668929428&tid=UA-1440017-6&_gid=1662024383.1668929428&_r=1&_slc=1&z=1479920296
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://huntington-ir.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 20 Nov 2022 07:30:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://huntington-ir.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Huntington Bank (Banking)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| Huntington string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| enquire object| Validator object| ParsleyConfig object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator function| MobileDetect string| s_an function| s_sp function| s_jn function| s_rep function| s_d function| s_fe function| s_fa function| s_ft function| s_c object| s_c_il number| s_c_in

4 Cookies

Domain/Path Name / Value
.huntington-ir.com/ Name: _ga
Value: GA1.2.224210860.1668929428
.huntington-ir.com/ Name: _gid
Value: GA1.2.1662024383.1668929428
.huntington-ir.com/ Name: _gat
Value: 1
huntington-ir.com/ Name: loginCookie
Value: personalLogin