![](/screenshots/779b5fb5-d54c-41e9-9ef3-cac6794497a2.png)
studentlifesaviour.com
162.144.136.159
Malicious Activity!
Public Scan
Effective URL: https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/rz6loi22ahd7c70uxn2ra9m1.php??authorize?client_id=4345a7b9-9a63-4...
Submission: On October 21 via manual from US
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on September 16th 2020. Valid for: 3 months.
This is the only time studentlifesaviour.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Navy Federal Credit Union (Government)
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 34 | 162.144.136.159 162.144.136.159 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
32 | 1 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: mail.australianassignmenthelp.com
studentlifesaviour.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
34 |
studentlifesaviour.com
2 redirects
studentlifesaviour.com |
289 KB |
32 | 1 |
Domain | Requested by | |
---|---|---|
34 | studentlifesaviour.com |
2 redirects
studentlifesaviour.com
|
32 | 1 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.navyfederal.org |
accountservices.navyfederal.org |
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.studentlifesaviour.australianassignmenthelp.com | Let's Encrypt Authority X3 | 2020-09-16 - 2020-12-15 | 3 months |
This page contains 6 frames:
Primary Page:
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/rz6loi22ahd7c70uxn2ra9m1.php??authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code+id_token&scope=openid+profile&state=OpenIdConnect.AuthenticationProperties%3dix1bRYcZyTtsOJ4fCyynNPbx-oRiEqQskQTQSNWg-kKeLduC4WKeKd7dSA63bHx9bBL1TSHGQFKz22U15b0ywRBsXJawZtcL2xTgjhjoUUEt0gaqz51cEIoPcCqGWL5U&nonce=636725440919915654.ZjQ3NTc0MTEtMDEzNS00MDhjLWFiZTYtZjM3NjliZDgyZTUwYWUwMGI0YjgtZGZiMC00NmQxLWE3NmItZGM3ZWI5Zjk2ODIw&redirect_uri=https%3a%2f%2fwww.office.com%2f&ui_locales=en-US&mkt=en-US&Email=
Frame ID: DFA469C55D167C7065A80E93B8FD3AF6
Requests: 27 HTTP requests in this frame
Frame:
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/index_1.html
Frame ID: 7D9A76DC6D8CA54F7908BBEA86B66A4E
Requests: 1 HTTP requests in this frame
Frame:
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/index_2.html
Frame ID: D6AEF48543F301BCEA94AD4E7733A79F
Requests: 1 HTTP requests in this frame
Frame:
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/spacer.gif
Frame ID: 485A1DE47A45386689C00EFF372C5EAF
Requests: 1 HTTP requests in this frame
Frame:
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/index_3.html
Frame ID: 615958E8B9DD6B66A3F638F2D3803CA9
Requests: 1 HTTP requests in this frame
Frame:
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/index_4.html
Frame ID: C7F3E327B4D96AEB42DB87AE1D1F39EF
Requests: 1 HTTP requests in this frame
Detected technologies
Detected patterns
- url /\.php(?:$|\?)/i
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
- Title: Locations
- Title: Contact Us
- Title:
- Title: Sign In Help
- Title: Enroll in digital banking »
- Title: Learn more »
- Title: About Us
- Title: Privacy Policy
- Title: Security
- Title: Accessibility
- Title: Browser Support
- Title: Federally Insured by NCUA
- Title: Equal Housing Lender
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://studentlifesaviour.com/wp-content/plugins/contactic/scu.php
HTTP 302
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/index.php HTTP 302
https://studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/rz6loi22ahd7c70uxn2ra9m1.php??authorize?client_id=4345a7b9-9a63-4910-a426-35363201d503&response_mode=form_post&response_type=code+id_token&scope=openid+profile&state=OpenIdConnect.AuthenticationProperties%3dix1bRYcZyTtsOJ4fCyynNPbx-oRiEqQskQTQSNWg-kKeLduC4WKeKd7dSA63bHx9bBL1TSHGQFKz22U15b0ywRBsXJawZtcL2xTgjhjoUUEt0gaqz51cEIoPcCqGWL5U&nonce=636725440919915654.ZjQ3NTc0MTEtMDEzNS00MDhjLWFiZTYtZjM3NjliZDgyZTUwYWUwMGI0YjgtZGZiMC00NmQxLWE3NmItZGM3ZWI5Zjk2ODIw&redirect_uri=https%3a%2f%2fwww.office.com%2f&ui_locales=en-US&mkt=en-US&Email= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | rz6loi22ahd7c70uxn2ra9m1.php | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/ | 17 KB | 5 KB | Document | text/html | Primary Request, Redirect Chain |
GET H/1.1 | css.css | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 5 KB | 980 B | Stylesheet | text/css | |
GET H/1.1 | nfcu-icons-599150400912c8247ee1872211972b2a.css | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 10 KB | 2 KB | Stylesheet | text/css | |
GET H/1.1 | all-599150400912c8247ee1872211972b2a.css | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 49 KB | 11 KB | Stylesheet | text/css | |
GET H/1.1 | nauth-599150400912c8247ee1872211972b2a.css | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 5 KB | 2 KB | Stylesheet | text/css | |
GET H/1.1 | responsivemain-599150400912c8247ee1872211972b2a.css | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 134 KB | 22 KB | Stylesheet | text/css | |
GET H/1.1 | NFCU_Mob_Logo-1d62888b4b662af9142e3c385f423f32.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 4 KB | 4 KB | Image | image/svg+xml | |
GET H/1.1 | img_logo-veterans-1d62888b4b662af9142e3c385f423f32.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 21 KB | 22 KB | Image | image/svg+xml | |
GET H/1.1 | contact-us-1d62888b4b662af9142e3c385f423f32.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 1 KB | 1 KB | Image | image/svg+xml | |
GET H/1.1 | img-BecomeAMember-1d62888b4b662af9142e3c385f423f32.jpg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 181 KB | 182 KB | Image | image/jpeg | |
GET H/1.1 | Group5159-1d62888b4b662af9142e3c385f423f32.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 5 KB | 5 KB | Image | image/svg+xml | |
GET H/1.1 | Group5166-1d62888b4b662af9142e3c385f423f32.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 2 KB | 2 KB | Image | image/svg+xml | |
GET H/1.1 | Group5158-1d62888b4b662af9142e3c385f423f32.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 4 KB | 4 KB | Image | image/svg+xml | |
GET H/1.1 | index_1.html | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 143 B | 496 B | Document | text/html | Frame 7D9A |
GET H/1.1 | index_2.html | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 143 B | 497 B | Document | text/html | Frame D6AE |
GET H/1.1 | spacer.gif | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 43 B | 356 B | Document | image/gif | Frame 485A |
GET H/1.1 | index_3.html | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 143 B | 497 B | Document | text/html | Frame 6159 |
GET H/1.1 | index_4.html | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 469 B | 703 B | Document | text/html | Frame C7F3 |
GET H/1.1 | fa-solid-900.woff2 | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | bg_globe.png | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 5 KB | 5 KB | Image | image/png | |
GET H/1.1 | nfcu-icons.woff | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | img-billboard-BG.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 9 KB | 10 KB | Image | image/svg+xml | |
GET H/1.1 | 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | toolTip.svg | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 640 B | 957 B | Image | image/svg+xml | |
GET H/1.1 | icons.png | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 6 KB | 7 KB | Image | image/png | |
GET H/1.1 | fa-solid-900.woff | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | fa-solid-900.ttf | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | sourcesanspro-semibold-webfont.woff2 | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | nfcu-icons.ttf | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | sourcesanspro-semibold-webfont.woff | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
GET H/1.1 | sourcesanspro-semibold-webfont.ttf | studentlifesaviour.com/wp-content/plugins/nfcu20/Navy/images/ | 0 | 0 | Font | text/html | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Navy Federal Credit Union (Government)
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| 2
- object| 3
- object| 4
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- object| trustedTypes
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
studentlifesaviour.com/ | Name: PHPSESSID Value: 9lkmn7pbplnp33v4lh38dspjf3 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
studentlifesaviour.com
162.144.136.159