www.alaskausamortgage.com (urlscan.io public scan)
Resolved IP: 208.69.197.130
Flag: Malicious Activity!
Effective URL: https://www.alaskausamortgage.com/about/team.asp?p=OteoD
Submission: On December 15 via api from DE

Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 19th 2018. Valid for: 10 months.
This is the only time www.alaskausamortgage.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alaska USA Federal Credit Union (Banking)

Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
3 | 184.168.131.241 | AS26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC)
17 | 208.69.197.130 | AS40226 (AKUSA - Alaska USA Federal Credit Union)
1 | 2a00:1450:4001:815::2008 | AS15169 (GOOGLE - Google LLC)
2 | 2a00:1450:4001:81d::200e | AS15169 (GOOGLE - Google LLC)
Total: 20 requests over 3 autonomous systems (4 addresses).

Hostnames by ASN:
- ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US), PTR ip-184-168-131-241.ip.secureserver.net: davidoteo.com
- ASN40226 (AKUSA - Alaska USA Federal Credit Union, US): www.alaskausamortgage.com

Requests | Apex domain | Subdomains | Transfer
---|---|---|---
17 | alaskausamortgage.com | www.alaskausamortgage.com | 349 KB
3 | davidoteo.com | davidoteo.com (3 redirects) | 448 B
2 | google-analytics.com | www.google-analytics.com | 17 KB
1 | googletagmanager.com | www.googletagmanager.com | 27 KB
Total: 20 requests, 4 domains.

Requests | Domain | Requested by
---|---|---
17 | www.alaskausamortgage.com | www.alaskausamortgage.com
3 | davidoteo.com | (3 redirects, no referring document)
2 | www.google-analytics.com | www.googletagmanager.com, www.alaskausamortgage.com
1 | www.googletagmanager.com | www.alaskausamortgage.com
Total: 20 requests, 4 domains.
This site contains links to these domains:
- homeloans.alaskausamortgage.com
- login.alaskausa.org
- www.alaskausa.org
- www.facebook.com
- www.instagram.com
- www.linkedin.com
- www.nmlsconsumeraccess.org
TLS certificates observed (Certificate Transparency lookup via crt.sh):

Subject | Issuer | Validity | Valid for
---|---|---|---
www.alaskausamortgage.com | DigiCert SHA2 Secure Server CA | 2018-09-19 - 2019-07-21 | 10 months
*.google-analytics.com | Google Internet Authority G3 | 2018-11-27 - 2019-02-19 | 3 months
This page contains 1 frame:
Primary Page: https://www.alaskausamortgage.com/about/team.asp?p=OteoD
Frame ID: 94E8A3223A37A41DBD62CC1A6BE33637
Requests: 20 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields. Each entry shows the status code that was returned for that URL:
- http://davidoteo.com/ (HTTP 302)
- http://davidoteo.com/YUaKZ/ (HTTP 302)
- http://davidoteo.com/ (HTTP 301)
- https://www.alaskausamortgage.com/about/team.asp?p=OteoD (final page URL)
Three hops happen over plain HTTP on davidoteo.com (GoDaddy shared hosting) before the 301 hands the browser to HTTPS on the credit union's mortgage domain; the query parameter p=OteoD is carried into the final request.
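The chain above, the ASN table and the certificate table are the three pieces of evidence an analyst has to reconcile with the "Phishing against Alaska USA Federal Credit Union" verdict. The following is an added example (not urlscan.io's own code) that rebuilds the hops from a Page URL History list and checks whether a brand-match verdict is corroborated by where the final page is served from. The redirect chain, ASN owner and certificate subject are copied from this scan; the set of apex domains treated as brand-controlled is an assumption for the example and would have to be confirmed against the institution's published domains.

```python
"""Rebuild the redirect chain from a urlscan-style "Page URL History" and
test whether a brand-match phishing verdict is corroborated by where the
final page is actually hosted.  Added example; not urlscan.io's own code."""
from dataclasses import dataclass
from urllib.parse import urlsplit

# Redirect chain as printed on the scan page (constructed copy).  Each entry
# is (URL, status code returned for it); the final entry's status was not
# shown on the scan page, so it is left as None.
PAGE_URL_HISTORY = [
    ("http://davidoteo.com/", 302),
    ("http://davidoteo.com/YUaKZ/", 302),
    ("http://davidoteo.com/", 301),
    ("https://www.alaskausamortgage.com/about/team.asp?p=OteoD", None),
]

# Evidence from the scan's ASN and certificate tables.
FINAL_ASN_OWNER = "Alaska USA Federal Credit Union"
FINAL_CERT_SUBJECT = "www.alaskausamortgage.com"
BRAND = "Alaska USA Federal Credit Union"
# ASSUMPTION for the example: apex domains the brand operates, taken from the
# ASN registration and the page's own outbound links.  Confirm against the
# institution's published domain list before relying on this set.
BRAND_APEXES = {"alaskausamortgage.com", "alaskausa.org"}


def hops(history):
    """(from_url, status, to_url) for every redirect in the chain."""
    return [(history[i][0], history[i][1], history[i + 1][0])
            for i in range(len(history) - 1)]


def under_apex(host, apex):
    return host == apex or host.endswith("." + apex)


def cert_matches(subject, host):
    """Exact name match, or a wildcard that covers exactly one label."""
    if subject.startswith("*."):
        suffix = subject[2:]
        return host.endswith("." + suffix) and host.count(".") == suffix.count(".") + 1
    return subject == host


@dataclass
class Triage:
    chain_hosts: list
    cross_origin_hops: int
    plaintext_hops: int
    final_host: str
    final_https: bool
    cert_matches_final_host: bool
    final_host_under_brand: bool
    asn_owner_is_brand: bool

    @property
    def verdict_corroborated(self):
        """A "phishing against <brand>" verdict is corroborated only when the
        final page is NOT on infrastructure the brand itself controls."""
        return not (self.final_host_under_brand
                    and self.asn_owner_is_brand
                    and self.cert_matches_final_host)


def triage(history, cert_subject, asn_owner, brand, brand_apexes):
    final = urlsplit(history[-1][0])
    host = final.hostname
    h = hops(history)
    return Triage(
        chain_hosts=[urlsplit(u).hostname for u, _ in history],
        cross_origin_hops=sum(urlsplit(a).hostname != urlsplit(b).hostname for a, _, b in h),
        plaintext_hops=sum(urlsplit(a).scheme == "http" for a, _, _ in h),
        final_host=host,
        final_https=final.scheme == "https",
        cert_matches_final_host=cert_matches(cert_subject, host),
        final_host_under_brand=any(under_apex(host, a) for a in brand_apexes),
        asn_owner_is_brand=asn_owner == brand,
    )


if __name__ == "__main__":
    t = triage(PAGE_URL_HISTORY, FINAL_CERT_SUBJECT, FINAL_ASN_OWNER, BRAND, BRAND_APEXES)
    for a, status, b in hops(PAGE_URL_HISTORY):
        print(f"{a} --{status}--> {b}")
    print("cross-origin hops:", t.cross_origin_hops, "plaintext hops:", t.plaintext_hops)
    print("verdict corroborated by hosting/cert evidence:", t.verdict_corroborated)
```

For this scan the final host is under a brand apex, the serving ASN is registered to the brand and the certificate subject matches the host, so `verdict_corroborated` is False: the verdict rests on the brand name alone and the davidoteo.com hops are the only part of the chain outside the brand's infrastructure. The same function returns True for a chain that ends on a look-alike host under a third-party hoster.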
Detected technologies
Each entry lists the Wappalyzer-style pattern that matched and the evidence it was applied to (a response header, a script URL, or a window global):
- Windows Server (Operating Systems): headers server /IIS(?:\/([\d.]+))?/i
- IIS (Web Servers): headers server /IIS(?:\/([\d.]+))?/i
- Google Analytics (Analytics): script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i; env /^gaGlobal$/i
- Google Tag Manager (Tag Managers): env /^google_tag_manager$/i
- jQuery (JavaScript Libraries): env /^jQuery$/i
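To show how those patterns produce the list above, here is an added example (not urlscan.io's or Wappalyzer's code) that re-applies them to the evidence this scan captured. The script URLs come from the HTTP transaction list and the globals from the JavaScript Global Variables section; the Server header value is a constructed placeholder because the scan page collapses response headers, and the extra jQuery filename pattern is this example's own addition so that a version can be read out.

```python
"""Re-apply the detection patterns a scan lists under "Detected technologies"
to the evidence it captured.  Added example, not urlscan.io's or Wappalyzer's
code; the Server header value below is a constructed placeholder."""
import re

# (evidence kind, regex) pairs as printed on the scan page.  A capture group,
# when present, is returned as "capture" (Wappalyzer derives versions from it).
# The jQuery filename pattern is this example's own addition.
TECHNOLOGIES = {
    "Windows Server": [("header:server", r"IIS(?:\/([\d.]+))?")],
    "IIS": [("header:server", r"IIS(?:\/([\d.]+))?")],
    "Google Analytics": [
        ("script", r"google-analytics\.com\/(?:ga|urchin|(analytics))\.js"),
        ("env", r"^gaGlobal$"),
    ],
    "Google Tag Manager": [("env", r"^google_tag_manager$")],
    "jQuery": [("script", r"jquery-([\d.]+)\.min\.js"), ("env", r"^jQuery$")],
}

EVIDENCE = {
    # ASSUMPTION: the real Server header was not shown on the scan page; this
    # value exists only to exercise the version capture group.
    "header:server": ["Microsoft-IIS/8.5"],
    # Script URLs taken from the scan's HTTP transaction list.
    "script": [
        "https://www.googletagmanager.com/gtm.js",
        "https://www.alaskausamortgage.com/js/jquery-1.11.3.min.js",
        "https://www.alaskausamortgage.com/js/jsSuite-1.9.5.js",
        "https://www.google-analytics.com/analytics.js",
    ],
    # A subset of the window globals the scan enumerated.
    "env": ["dataLayer", "google_tag_manager", "GoogleAnalyticsObject", "ga",
            "gaGlobal", "$", "jQuery", "agf", "FlagUB"],
}


def detect(technologies, evidence):
    """Map technology -> {'kind', 'evidence', 'capture'} for its first match.
    Patterns are tried in order; the first item of the right kind that
    matches decides, exactly like a one-hit fingerprint rule."""
    found = {}
    for tech, patterns in technologies.items():
        for kind, pattern in patterns:
            rx = re.compile(pattern, re.IGNORECASE)
            for item in evidence.get(kind, ()):
                m = rx.search(item)
                if m:
                    capture = next((g for g in m.groups() if g), None)
                    found[tech] = {"kind": kind, "evidence": item, "capture": capture}
                    break
            if tech in found:
                break
    return found


if __name__ == "__main__":
    for tech, hit in detect(TECHNOLOGIES, EVIDENCE).items():
        print(f"{tech:20} via {hit['kind']:14} {hit['evidence']}  capture={hit['capture']}")
```

The env-only rules (Google Tag Manager, jQuery in the scan's own list) fire purely on a global's name, so they say nothing about version; the filename and header rules are the ones that yield a version string worth checking against advisories.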
Page Statistics
15 outgoing links (links going to different origins than the main page), by link title:
- Begin application
- Forgot Login
- Enroll
- Arizona
- Other home loans
- All Alaska USA rates
- Other home loans
- Residential construction
- Arizona
- Facebook
- Facebook
- Instagram
- LinkedIn
- Alaska USA Federal Credit Union
- National Mortgage Licensing System (NMLS) consumer access listing
Redirected requests
The only request reached through a redirect chain is the primary request (team.asp), via the davidoteo.com hops listed under Page URL History.

20 HTTP transactions
The per-request panels (General, Request headers, Response headers, Redirect headers) are collapsed in this capture, so only the summary columns are available.

# | Method / Protocol | Resource | Path | Size / transferred | Type | MIME type | Notes
---|---|---|---|---|---|---|---
1 | GET HTTP/1.1 | team.asp | www.alaskausamortgage.com/about/ | 27 KB / 28 KB | Document | text/html | Primary request; cookie set; end of redirect chain
2 | GET HTTP/1.1 | akusafonts.css | www.alaskausamortgage.com/css/ | 4 KB / 5 KB | Stylesheet | text/css |
3 | GET HTTP/1.1 | akusa-base.css | www.alaskausamortgage.com/css/ | 28 KB / 29 KB | Stylesheet | text/css |
4 | GET HTTP/1.1 | akusa.css | www.alaskausamortgage.com/css/ | 1 KB / 1 KB | Stylesheet | text/css |
5 | GET HTTP/1.1 | aumc-logo-white.png | www.alaskausamortgage.com/images/ | 16 KB / 16 KB | Image | image/png |
6 | GET HTTP/1.1 | AUMC-p57.jpg | www.alaskausamortgage.com/current/Team/Data/Photos/ | 16 KB / 16 KB | Image | image/jpeg |
7 | GET HTTP/1.1 | at-symbol.gif | www.alaskausamortgage.com/images/ | 62 B / 373 B | Image | image/gif |
8 | GET HTTP/2 | gtm.js | www.googletagmanager.com/ | 78 KB / 27 KB | Script | application/javascript |
9 | GET HTTP/1.1 | EHL.png | www.alaskausamortgage.com/images/nav/ | 3 KB / 4 KB | Image | image/png |
10 | GET HTTP/1.1 | jquery-1.11.3.min.js | www.alaskausamortgage.com/js/ | 94 KB / 94 KB | Script | application/javascript |
11 | GET HTTP/1.1 | jsSuite-1.9.5.js | www.alaskausamortgage.com/js/ | 55 KB / 55 KB | Script | application/javascript |
12 | GET HTTP/1.1 | akusa-phone.css | www.alaskausamortgage.com/css/ | 16 KB / 17 KB | Stylesheet | text/css |
13 | GET HTTP/1.1 | akusa-desktop.css | www.alaskausamortgage.com/css/ | 19 KB / 19 KB | Stylesheet | text/css |
14 | GET HTTP/1.1 | header_bg.png | www.alaskausamortgage.com/css/nav/ | 8 KB / 8 KB | Image | image/png |
15 | GET HTTP/1.1 | navSprites.png | www.alaskausamortgage.com/css/nav/ | 16 KB / 17 KB | Image | image/png |
16 | GET HTTP/1.1 | PTN57F-webfont.woff | www.alaskausamortgage.com/css/fonts/PTSans/ptsansnarrow_regular_macroman/ | 25 KB / 25 KB | Font | font/x-woff |
17 | GET HTTP/1.1 | AkusaIcon.ttf | www.alaskausamortgage.com/css/fonts/AkusaIcon/ | 15 KB / 16 KB | Font | application/octet-stream |
18 | GET HTTP/2 | analytics.js | www.google-analytics.com/ | 43 KB / 17 KB | Script | text/javascript |
19 | GET HTTP/2 | collect | www.google-analytics.com/r/ | 35 B / 111 B | Image | image/gif |
20 | GET HTTP/1.1 | agf.gif | www.alaskausamortgage.com/ | 43 B / 355 B | XHR | image/gif |

Size is the decoded body size; transferred is the on-the-wire size including headers, which is why tiny images transfer more bytes than they contain and the compressed Google scripts transfer fewer.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Alaska USA Federal Credit Union (Banking)

Note for analysts: this is urlscan's automated brand verdict, and the same scan records that the final document was served from AS40226 (an ASN registered to Alaska USA Federal Credit Union) under a DigiCert certificate issued for www.alaskausamortgage.com. Only the three hops on davidoteo.com (GoDaddy shared hosting, AS26496) sit outside that infrastructure, and the parameter they pass (p=OteoD) is echoed back by the site in the eB and LoC cookies. Weigh that hosting and certificate evidence before acting on the verdict, as the disclaimer above says.

37 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. They help identify client-side frameworks and site-specific code.

Type | Name
---|---
object | onselectstart
object | onselectionchange
function | queueMicrotask
object | dataLayer
function | doSubmit
object | ub
object | google_tag_manager
string | GoogleAnalyticsObject
function | ga
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData
function | $
function | jQuery
boolean | o
object | p
boolean | v
string | M
object | agf
function | lmMini
function | loadToggle
function | toggleContent
function | toggleList
string | resizePreviousView
function | handleResize
function | toggleSideMenu
function | slideMenuIntoView
function | FlagUB
function | AddTracker
object | jQuery11130939244899104446
function | onHide
function | onBeforeShow
function | applyHandlers
function | onButtonKeydown
function | onMenuKeydown
function | onButtonClick

10 Cookies
Cookies are small pieces of data a site stores in the user's browser. The browser sends them back on every later request to that site, which lets the site re-identify the user even from a different location; this is how persistent logins work. The Expires column was empty in this capture.

Domain / Path | Expires | Name | Value
---|---|---|---
.alaskausamortgage.com/ | | _gat_UA-105087488-2 | 1
www.alaskausamortgage.com/ | | ASPSESSIONIDAGCRTSTS | BFOCFAOBHBPBPPPGGLLDPPDH
.alaskausamortgage.com/ | | _gid | GA1.2.2012324074.1544871897
www.alaskausamortgage.com/ | | eB | OteoD
.alaskausamortgage.com/ | | _gcl_au | 1.1.662409024.1544871897
.alaskausamortgage.com/ | | _ga | GA1.2.917777400.1544871897
www.alaskausamortgage.com/ | | LoC | OteoD
www.alaskausamortgage.com/ | | agfs | 685d3b28a274a9c161248bf52e1b86c4.1192307&1544871898&1544871898&direct&(none)&&&&&
www.alaskausamortgage.com/ | | agft | 685d3b28a274a9c161248bf52e1b86c4.1192307
www.alaskausamortgage.com/ | | oB | True

Two things in this table are worth noting: ASPSESSIONIDAGCRTSTS is a Classic ASP session identifier, consistent with the .asp page and the IIS fingerprint, and the value OteoD from the p= query parameter is stored verbatim in the eB and LoC cookies.
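The analytics cookies also carry client-side evidence of when the page was loaded: the last field of _ga, _gid and _gcl_au and the second and third fields of agfs are Unix timestamps. The following added example (not urlscan.io's own code) pulls those timestamps out of the cookie table above, converts them to UTC so they can be compared with the submission date, and flags cookies whose value merely echoes a query parameter of the page URL. The cookie rows are a constructed copy of this scan's table; the cookie classification is this example's own.

```python
"""Extract Unix timestamps from the cookies a scan recorded, so the capture
time can be corroborated from client-side evidence, and flag cookie values
that simply echo a query parameter.  Added example, not urlscan.io code."""
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Cookie table from the scan: (domain/path, name, value).  Constructed copy.
COOKIES = [
    (".alaskausamortgage.com/", "_gat_UA-105087488-2", "1"),
    ("www.alaskausamortgage.com/", "ASPSESSIONIDAGCRTSTS", "BFOCFAOBHBPBPPPGGLLDPPDH"),
    (".alaskausamortgage.com/", "_gid", "GA1.2.2012324074.1544871897"),
    ("www.alaskausamortgage.com/", "eB", "OteoD"),
    (".alaskausamortgage.com/", "_gcl_au", "1.1.662409024.1544871897"),
    (".alaskausamortgage.com/", "_ga", "GA1.2.917777400.1544871897"),
    ("www.alaskausamortgage.com/", "LoC", "OteoD"),
    ("www.alaskausamortgage.com/", "agfs",
     "685d3b28a274a9c161248bf52e1b86c4.1192307&1544871898&1544871898&direct&(none)&&&&&"),
    ("www.alaskausamortgage.com/", "agft", "685d3b28a274a9c161248bf52e1b86c4.1192307"),
    ("www.alaskausamortgage.com/", "oB", "True"),
]

PAGE_URL = "https://www.alaskausamortgage.com/about/team.asp?p=OteoD"

# A 10-digit run starting 14..19 (Unix seconds between 2014 and 2033) that is
# not part of a longer digit run; GA client ids such as 2012324074 are excluded.
EPOCH_RE = re.compile(r"(?<!\d)(1[4-9]\d{8})(?!\d)")


def timestamps(value):
    """All plausible Unix timestamps in a cookie value, as aware UTC datetimes."""
    return [datetime.fromtimestamp(int(m), tz=timezone.utc) for m in EPOCH_RE.findall(value)]


def timeline(cookies):
    """(cookie name, datetime) pairs ordered by time."""
    out = [(name, ts) for _, name, value in cookies for ts in timestamps(value)]
    return sorted(out, key=lambda pair: pair[1])


def first_seen_utc(cookies):
    """Earliest client-side timestamp, or None if no cookie carries one."""
    tl = timeline(cookies)
    return tl[0][1] if tl else None


def echoed_query_params(cookies, url):
    """Cookie names whose value equals a query parameter value of the URL."""
    values = {v for vals in parse_qs(urlsplit(url).query).values() for v in vals}
    return [name for _, name, value in cookies if value in values]


def classify(name):
    """Rough origin of a cookie by name (this example's own heuristics)."""
    if name.startswith("ASPSESSIONID"):
        return "Classic ASP session id"
    if name in ("_ga", "_gid") or name.startswith("_gat_"):
        return "Google Analytics"
    if name == "_gcl_au":
        return "Google Ads conversion linker"
    return "site-specific"


if __name__ == "__main__":
    for name, ts in timeline(COOKIES):
        print(f"{ts.isoformat()}  {name}")
    print("echoes of query parameters:", echoed_query_params(COOKIES, PAGE_URL))
    for _, name, _ in COOKIES:
        print(f"{name:22} {classify(name)}")
```

For this capture every timestamp falls within two seconds on 2018-12-15 (UTC), which agrees with the submission date in the summary; a client-side timestamp well before the submission would instead indicate a browser profile that had already visited the site.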
Security Headers
This page lists the security headers set by the main page (the primary team.asp document). Only two were recorded in this capture; no Strict-Transport-Security, Content-Security-Policy or X-Frame-Options header is listed for the primary document, even though the page links to a login page on login.alaskausa.org.

Header | Value
---|---
X-Content-Type-Options | nosniff
X-Xss-Protection | 1; mode=block
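The following added example (not urlscan.io's own check) audits a header set like the one above against a small baseline. The two observed headers are copied from this scan; the baseline, its thresholds and the treatment of X-XSS-Protection as a legacy header are this example's own choices.

```python
"""Audit the security headers recorded for a primary document against a
small baseline.  Added example, not urlscan.io's own check; the baseline
and its thresholds are this example's choices."""

# Headers exactly as listed in the scan's "Security Headers" table
# (constructed copy of that table).
OBSERVED = {
    "X-Content-Type-Options": "nosniff",
    "X-Xss-Protection": "1; mode=block",
}

HSTS_MIN_AGE = 15_552_000  # 180 days; this example's floor, not a standard


def _hsts_ok(value):
    for directive in value.split(";"):
        name, _, val = directive.strip().partition("=")
        if name.strip().lower() == "max-age":
            try:
                return int(val.strip().strip('"')) >= HSTS_MIN_AGE
            except ValueError:
                return False
    return False


def _csp_ok(value):
    """Minimal check: a policy that restricts script or default sources."""
    directives = {d.strip().split(" ")[0].lower() for d in value.split(";") if d.strip()}
    return bool(directives & {"default-src", "script-src"})


def _xfo_ok(value):
    return value.strip().upper() in {"DENY", "SAMEORIGIN"}


def _nosniff_ok(value):
    return value.strip().lower() == "nosniff"


def _referrer_ok(value):
    return value.strip().lower() in {
        "no-referrer", "same-origin", "strict-origin", "strict-origin-when-cross-origin"}


BASELINE = {  # header -> predicate that decides whether its value is strong enough
    "Strict-Transport-Security": _hsts_ok,
    "Content-Security-Policy": _csp_ok,
    "X-Frame-Options": _xfo_ok,
    "X-Content-Type-Options": _nosniff_ok,
    "Referrer-Policy": _referrer_ok,
}

# Recorded but not counted as a control: modern browsers ignore it.
LEGACY = {"x-xss-protection": "deprecated; rely on Content-Security-Policy instead"}


def audit(headers):
    """Return {'ok', 'weak', 'missing', 'legacy'} lists of header names,
    matching names case-insensitively as HTTP does."""
    lower = {k.lower(): v for k, v in headers.items()}
    report = {"ok": [], "weak": [], "missing": [], "legacy": []}
    for name, check in BASELINE.items():
        value = lower.get(name.lower())
        if value is None:
            report["missing"].append(name)
        elif check(value):
            report["ok"].append(name)
        else:
            report["weak"].append(name)
    for name in headers:
        if name.lower() in LEGACY:
            report["legacy"].append(name)
    return report


if __name__ == "__main__":
    for category, names in audit(OBSERVED).items():
        print(f"{category:8} {', '.join(names) or '-'}")
```

Run against the two headers above the audit reports one baseline header present (X-Content-Type-Options), four missing, and X-Xss-Protection as legacy; the HSTS check also demotes a policy with a short max-age to "weak" rather than accepting it on presence alone.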
Indicators
Indicators are the observables extracted from this scan (domains, IP addresses, and SHA-256 hashes of the 20 fetched resources). Listing them here does not by itself mean that any of them is malicious.
davidoteo.com
www.alaskausamortgage.com
www.google-analytics.com
www.googletagmanager.com
184.168.131.241
208.69.197.130
2a00:1450:4001:815::2008
2a00:1450:4001:81d::200e
02b5d43c46bb678cdcf2c0375ab22626afa5e44a7946e5f0cc3ca4571c8338c5
0930df813e05abcc03849a3403fcff2fe5ebe034c04f51095f723a23021bceb8
0a8bc977845d322b2a028ff676867741db0f176640b9a83e323d4874cf001c37
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
2b02ecea36e825b52ab652a933bf7639c0e6a6977aa39ea207be9f4e00bda29c
35b7d0ef4b6dbbd5f9f1f905621eb7f49a209670fd3757040138c53f10361464
38ad9ded2924dc9321ee28773b3c7c61b8a558b3a1f0643d96fb15cd36f126fc
39a412e246a6126dba4a17583516d8fb37919ca57d8078b863236f705c8ff199
3e8cfbbd69a0143f726fc0065806f8c7754a5d56f28c12648874a9976cc4118c
4972d92d50ee83983c7a30258d67fab05039f668a3ce9518e8204ff89cb882c1
4e3e22cf18c9bc9e642267b61e469a69bb7c73428eabc99f36901ba81903d28b
505251f17e21dc99dcd248a697febdab8814c2a0f3a5de7694b6b59f0a26afcf
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8cb4a5e0dd1eed9b2dc9bfde3caca824853c5f1476545c5d8506d62ba710bfbb
b2ff20f25f689ae41a528bc57ea19ebd4b60d0d41b550b82100c80032fdb4f5f
b688a3bcd1297cc0fe08e6e52fea14ba9108ee4b9a2052c03e7bac6e19347255
e7939a03248bb3f75e2f12226871e6e304b0c1e1fa506f3871548547cf24f32d
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f442ea1fb011713124e53144556304d033cbd003a78c85c044416cce292a604c