alaskafcu.netlify.app
Open in
urlscan Pro
2a03:b0c0:3:e0::2b7:f001
Malicious Activity!
Public Scan
Submission: On October 07 via manual from US
Summary
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 4th 2020. Valid for: a year.
This is the only time alaskafcu.netlify.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alaska USA Federal Credit Union (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 2a03:b0c0:3:e... 2a03:b0c0:3:e0::2b7:f001 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:2b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 95.154.244.106 95.154.244.106 | 20860 (IOMART-AS) (IOMART-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:806::2003 | 15169 (GOOGLE) (GOOGLE) | |
19 | 5 |
ASN14061 (DIGITALOCEAN-ASN, US)
alaskafcu.netlify.app |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
netlify.app
alaskafcu.netlify.app |
886 KB |
2 |
gstatic.com
fonts.gstatic.com |
23 KB |
1 |
googleapis.com
fonts.googleapis.com |
781 B |
1 |
smtpjs.com
smtpjs.com |
942 B |
1 |
jquery.com
code.jquery.com |
30 KB |
19 | 5 |
Domain | Requested by | |
---|---|---|
14 | alaskafcu.netlify.app |
alaskafcu.netlify.app
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
alaskafcu.netlify.app
|
1 | smtpjs.com |
alaskafcu.netlify.app
|
1 | code.jquery.com |
alaskafcu.netlify.app
|
19 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.netlify.app AlphaSSL CA - SHA256 - G2 |
2020-03-04 - 2021-03-05 |
a year | crt.sh |
jquery.org COMODO RSA Domain Validation Secure Server CA |
2018-10-17 - 2020-10-16 |
2 years | crt.sh |
smtpjs.com Let's Encrypt Authority X3 |
2020-10-07 - 2021-01-05 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-09-03 - 2020-11-26 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-09-22 - 2020-12-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://alaskafcu.netlify.app/
Frame ID: A7298EEF3B437312EDA9B895AD69EDE5
Requests: 19 HTTP requests in this frame
Screenshot
Detected technologies
Netlify (Web Servers) ExpandDetected patterns
- headers server /^Netlify/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
alaskafcu.netlify.app/ |
29 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
alaskafcu.netlify.app/css/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
alaskafcu.netlify.app/css/ |
110 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
akusafcu_logo.png
alaskafcu.netlify.app/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
warning.png
alaskafcu.netlify.app/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
annual_report2019.png
alaskafcu.netlify.app/img/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ncua.png
alaskafcu.netlify.app/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EHL.png
alaskafcu.netlify.app/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smtp.js
smtpjs.com/v3/ |
871 B 942 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
alaskafcu.netlify.app/js/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_bg.png
alaskafcu.netlify.app/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homeSprites.png
alaskafcu.netlify.app/img/ |
186 KB 186 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v12/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icofont.woff2
alaskafcu.netlify.app/css/fonts/ |
525 KB 526 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v12/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
float1.png
alaskafcu.netlify.app/img/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide1.jpg
alaskafcu.netlify.app/img/ |
52 KB 52 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alaska USA Federal Credit Union (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| Email function| sdMl0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
alaskafcu.netlify.app
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
smtpjs.com
2001:4de0:ac19::1:b:2b
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a03:b0c0:3:e0::2b7:f001
95.154.244.106
1005c81e34195681e8804f8c3373eb694a24a3b1b29e213bb15eb62558fd7e2f
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
2a9ea79fd7475239fbaf329d96211c18d1ad812be5f402fe9571c5db6c789f46
3f68d088f179c2c42e6dc3cb4e7ad82885dc5fc47882f3056bbac6c77085b124
5165cad0f518784b20ed846b37038c291e5e584077b22c6e07aed2202e3824b8
57e36e601c00b7303300b847252d692ed85f713f8b4bae390073cafe5cc36734
5931519940bbdcbb02d48fcb894858d69950e8f9fdbf31c266d8373612c0e8a9
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
69719dfada3b0a883f3f8c2d96637f72870358b2272e0fc9fafb53f9e831f7ca
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c
c3390785f38d54af60b3b1ee15846a6705985a219618815769f5fbf22c208d59
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d