abakerswife.com
198.57.151.187
Malicious Activity!
Public Scan
Submission: On November 25 via manual from IN — Scanned from DE
Summary
This is the only time abakerswife.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
2 | 198.57.151.187 | 46606 (UNIFIEDLAYER-AS-1) |
1 | 2606:4700:3038::6815:e9b9 | 13335 (CLOUDFLARENET) |
2 | 2a00:1450:4001:808::200e | 15169 (GOOGLE) |
5 | 3 | |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: deinchiriat.com
- abakerswife.com
ASN15169 (GOOGLE, US)
- www.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
2 | google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 73 | 17 KB |
2 | abakerswife.com | abakerswife.com | 3 KB |
1 | iconarchive.com | icons.iconarchive.com — Cisco Umbrella Rank: 78733 | 7 KB |
5 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
2 | www.google-analytics.com | abakerswife.com |
2 | abakerswife.com | abakerswife.com |
1 | icons.iconarchive.com | abakerswife.com |
5 | 3 | |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://abakerswife.com/wp-admin/net/repair/?email=corporate_communications%40navyfederal.org&entity=1994173
Frame ID: 4BE129D4BA9EDAC874F80187E4D2660A
Requests: 5 HTTP requests in this frame
Screenshot
![](/screenshots/52c2ba1e-9180-4168-91c7-4e90a51cc6f3.png)
Page Title
email Settings | For: corporate_communications@navyfederal.org
Detected technologies
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- http://www.google-analytics.com/ga.js HTTP 307
- https://www.google-analytics.com/ga.js
- http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=82271135&utmhn=abakerswife.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=email%20Settings%20%7C%20For%3A%20corporate_communications%40navyfederal.org&utmhid=651935056&utmr=-&utmp=%2Fwp-admin%2Fnet%2Frepair%2F%3Femail%3Dcorporate_communications%252540navyfederal.org%26entity%3D1994173&utmht=1669392438208&utmac=UA-96586258-1&utmcc=__utma%3D11675492.463984812.1669392438.1669392438.1669392438.1%3B%2B__utmz%3D11675492.1669392438.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1833418940&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
- https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=82271135&utmhn=abakerswife.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=email%20Settings%20%7C%20For%3A%20corporate_communications%40navyfederal.org&utmhid=651935056&utmr=-&utmp=%2Fwp-admin%2Fnet%2Frepair%2F%3Femail%3Dcorporate_communications%252540navyfederal.org%26entity%3D1994173&utmht=1669392438208&utmac=UA-96586258-1&utmcc=__utma%3D11675492.463984812.1669392438.1669392438.1669392438.1%3B%2B__utmz%3D11675492.1669392438.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1833418940&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
5 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request) | abakerswife.com/wp-admin/net/repair/ | 5 KB | 2 KB | Document | text/html |
GET | H/1.1 | google_analytics_auto.js | abakerswife.com/ | 430 B | 599 B | Script | application/javascript |
GET | H/1.1 | email-2-icon.png | icons.iconarchive.com/icons/graphicloads/100-flat/256/ | 6 KB | 7 KB | Image | image/png |
GET | H2 | ga.js | www.google-analytics.com/ (Redirect Chain) | 45 KB | 17 KB | Script | text/javascript |
GET | H2 | __utm.gif | www.google-analytics.com/r/ (Redirect Chain) | 35 B | 197 B | Image | image/gif |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| _gaq
- string| message
- function| clickIE
- function| clickNS
- function| disableCtrlKeyCombination
- object| _gat
- object| gaGlobal

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.abakerswife.com/ | Name: __utma Value: 11675492.463984812.1669392438.1669392438.1669392438.1 |
.abakerswife.com/ | Name: __utmc Value: 11675492 |
.abakerswife.com/ | Name: __utmz Value: 11675492.1669392438.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
.abakerswife.com/ | Name: __utmt Value: 1 |
.abakerswife.com/ | Name: __utmb Value: 11675492.1.10.1669392438 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.