abzarsaeid.ir
45.129.37.115
Malicious Activity!
Public Scan
Submission: On April 22 via automatic, source openphish — Scanned from DE
Summary
This is the only time abzarsaeid.ir was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Spokane Teachers Credit Union (Financial)

Domain & IP information
| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 45.129.37.115 | 208555 (MOBINHOST MobinhostInfrastructure) |
| 1 | 2a00:1450:4001:803::200a | 15169 (GOOGLE) |
| 2 | 2a00:1450:4001:800::200a | 15169 (GOOGLE) |
| 8 | 2600:9000:214f:9800:4:819e:800:93a1 | 16509 (AMAZON-02) |
| 3 | 18.66.122.105 | 16509 (AMAZON-02) |
| 2 | 104.18.243.105 | 13335 (CLOUDFLARENET) |
| 3 | 2a00:1450:4001:82a::2003 | 15169 (GOOGLE) |
| 22 requests | 7 IP addresses | |
| ASN | PTR | Domain |
|---|---|---|
| ASN208555 (MOBINHOST MobinhostInfrastructure, IR) | server24.dn-server.com | abzarsaeid.ir |
| ASN16509 (AMAZON-02, US) | | assets.orb.alkamitech.com |
| ASN16509 (AMAZON-02, US) | server-18-66-122-105.fra60.r.cloudfront.net | iris.alkamitech.com |
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 11 | alkamitech.com | assets.orb.alkamitech.com (Cisco Umbrella Rank: 33725), iris.alkamitech.com (Cisco Umbrella Rank: 51765) | 158 KB |
| 3 | gstatic.com | fonts.gstatic.com | 47 KB |
| 3 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 607), fonts.googleapis.com (Cisco Umbrella Rank: 119) | 33 KB |
| 3 | abzarsaeid.ir | abzarsaeid.ir | 16 KB |
| 2 | stcu.org | my.stcu.org (Cisco Umbrella Rank: 513038) | 30 KB |
| 22 requests | 5 apex domains | | |
| Requests | Domain | Requested by |
|---|---|---|
| 8 | assets.orb.alkamitech.com | abzarsaeid.ir |
| 3 | fonts.gstatic.com | fonts.googleapis.com |
| 3 | iris.alkamitech.com | abzarsaeid.ir |
| 3 | abzarsaeid.ir | abzarsaeid.ir |
| 2 | my.stcu.org | abzarsaeid.ir, my.stcu.org |
| 2 | fonts.googleapis.com | abzarsaeid.ir |
| 1 | ajax.googleapis.com | abzarsaeid.ir |
| 22 requests | 7 domains | |
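The "Requested by" column shows the clone on abzarsaeid.ir pulling its theme straight from the brand's own asset hosts. The brand, or the platform vendor running those hosts, sees the same event from the other side: a Referer header pointing at the phishing page in its CDN access logs. The following is an added example, not code from STCU, Alkami or urlscan.io, of a Referer-based hotlink monitor for such an asset host. The log lines are constructed in Apache/nginx combined format to mirror what assets.orb.alkamitech.com would record during this scan; the allow-list of referer domains and the branded path prefixes are assumptions drawn from the request list on this page.

```python
"""Referer-based hotlink monitoring for a brand's asset host.

Added example, not code from STCU, Alkami or urlscan.io.  The log lines
below are constructed in Apache/nginx "combined" format to mirror what
assets.orb.alkamitech.com would record when the clone on abzarsaeid.ir
pulls in the SpokaneTeachers theme; the allow-list and branded path
prefixes are assumptions drawn from the request list above.
"""
from __future__ import annotations

import re
from collections import defaultdict
from urllib.parse import urlsplit

# Apex domains whose pages are allowed to embed the branded assets (assumed).
ALLOWED_REFERER_APEXES = {"stcu.org", "alkamitech.com"}

# Path prefixes that only the brand's own pages should ever fetch; generic
# vendor files (jquery-ui, iris-foundation) are shared by many tenants and
# would only produce noise here.
BRANDED_PREFIXES = (
    "/production/icons/SpokaneTeachers/",
    "/production/themesets/8054c733-80e7-420c-9007-09a927f36aa3/",
)

# combined format: client ident user [time] "method path proto" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)


def apex(host: str) -> str:
    """Last two DNS labels; use a public-suffix list for real traffic
    (co.uk, com.au and similar break this shortcut)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def hotlink_report(lines: list[str]) -> dict[str, list[str]]:
    """Map each referer host outside the allow-list to the branded paths
    it caused to be fetched.  Every hit is a candidate phishing clone."""
    report: dict[str, set[str]] = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # unparsable line: skip rather than guess
        if not m["path"].startswith(BRANDED_PREFIXES):
            continue  # unbranded vendor file, embedded by many sites
        referer = m["referer"]
        if referer in ("", "-"):
            continue  # no Referer (Referrer-Policy, direct hit): cannot attribute
        ref_host = urlsplit(referer).hostname or ""
        if apex(ref_host) in ALLOWED_REFERER_APEXES:
            continue
        report[ref_host].add(m["path"])
    return {host: sorted(paths) for host, paths in sorted(report.items())}


# Constructed sample: two clone-driven fetches, one legitimate fetch from
# my.stcu.org, one fetch of an unbranded vendor file, one without a Referer.
SAMPLE_LOG = [
    '203.0.113.7 - - [22/Apr/2023:13:16:20 +0000] "GET /production/icons/SpokaneTeachers/font/font-icons.css HTTP/2.0" 200 9021 "http://abzarsaeid.ir/STCU/" "Mozilla/5.0"',
    '203.0.113.7 - - [22/Apr/2023:13:16:21 +0000] "GET /production/icons/SpokaneTeachers/font/Alkami.woff2 HTTP/2.0" 200 43250 "http://abzarsaeid.ir/STCU/" "Mozilla/5.0"',
    '198.51.100.9 - - [22/Apr/2023:13:16:22 +0000] "GET /production/icons/SpokaneTeachers/font/font-icons.css HTTP/2.0" 200 9021 "https://my.stcu.org/" "Mozilla/5.0"',
    '198.51.100.9 - - [22/Apr/2023:13:16:23 +0000] "GET /cdn/alkami-orb-client-global/1.3.2/stylesheets/vendor/jquery/jquery-ui.min.css HTTP/2.0" 200 8100 "http://abzarsaeid.ir/STCU/" "Mozilla/5.0"',
    '198.51.100.9 - - [22/Apr/2023:13:16:24 +0000] "GET /production/icons/SpokaneTeachers/font/Alkami.woff2 HTTP/2.0" 200 43250 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, paths in hotlink_report(SAMPLE_LOG).items():
        print(host)
        for path in paths:
            print("  ", path)
```

Referer attribution is best-effort: Referrer-Policy or browser privacy settings can strip the header, and a kit that copies the assets onto its own host leaves nothing in these logs at all. Kits that hotlink are common enough that this remains a cheap early-warning source; treat a hit as a lead to scan the referring page, as urlscan did here, not as proof on its own.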
This site contains links to these domains. Also see Links.
| Domain |
|---|
| stcu.org |
| www.ncua.gov |
| calcubot.com |
| www.apple.com |
| play.google.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| upload.video.google.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |
| *.orb.alkamitech.com | Entrust Certification Authority - L1K | 2022-12-05 - 2023-12-05 | a year |
| iris.alkamitech.com | Amazon RSA 2048 M01 | 2023-02-21 - 2023-07-22 | 5 months |
| my.stcu.org | Entrust Certification Authority - L1M | 2023-02-06 - 2024-02-06 | a year |
| *.gstatic.com | GTS CA 1C3 | 2023-04-03 - 2023-06-26 | 3 months |

No certificate is listed for abzarsaeid.ir itself: the primary page was fetched over plain HTTP (http://abzarsaeid.ir/STCU/), so every certificate in this table belongs to a third-party host the clone loads assets from.
This page contains 1 frame:
Primary Page: http://abzarsaeid.ir/STCU/
Frame ID: 5A8B9255AC6A8A07F259CCA099E95442
Requests: 22 HTTP requests in this frame

8 Outgoing links
These are links going to different origins than the main page. Link titles as recorded, in page order (three links carried no title):

| # | Title |
|---|---|
| 1 | STCU Home |
| 2 | Contact Us |
| 3 | Locations |
| 4 | (no title) |
| 5 | Auto Loan Calculator |
| 6 | Mortgage Calculator |
| 7 | (no title) |
| 8 | (no title) |
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions

| # | Method | Protocol | Resource | Host / Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|---|
| 1 | GET | H/1.1 | / (Primary Request) | abzarsaeid.ir/STCU/ | 101 KB | 14 KB | Document | text/html |
| 2 | GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/3.6.0/ | 87 KB | 31 KB | Script | text/javascript |
| 3 | GET | H2 | css | fonts.googleapis.com/ | 6 KB | 1 KB | Stylesheet | text/css |
| 4 | GET | H2 | font-icons.css | assets.orb.alkamitech.com/production/icons/SpokaneTeachers/font/ | 115 KB | 9 KB | Stylesheet | text/css |
| 5 | GET | H2 | css | fonts.googleapis.com/ | 2 KB | 634 B | Stylesheet | text/css |
| 6 | GET | H2 | jquery-ui.min.css | assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.3.2/stylesheets/vendor/jquery/ | 31 KB | 8 KB | Stylesheet | text/css |
| 7 | GET | H2 | base.min.css | assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.3.2/stylesheets/mobile/ | 2 KB | 1 KB | Stylesheet | text/css |
| 8 | GET | H2 | iris.shim.mobile.min.css | assets.orb.alkamitech.com/cdn/alkami-orb-client-global/1.3.2/lib/iris/ | 611 B | 1 KB | Stylesheet | text/css |
| 9 | GET | H2 | iris.android.min.css | assets.orb.alkamitech.com/cdn/alkami-iris/2.1.3/ | 96 KB | 14 KB | Stylesheet | text/css |
| 10 | GET | H2 | iris-foundation.min.css | assets.orb.alkamitech.com/cdn/alkami-iris-foundation/1.6.1/ | 50 KB | 7 KB | Stylesheet | text/css |
| 11 | GET | H2 | theme.mobile.min.css | assets.orb.alkamitech.com/production/themesets/8054c733-80e7-420c-9007-09a927f36aa3/themes/legacy/spokane/Stylesheets/ | 111 KB | 21 KB | Stylesheet | text/css |
| 12 | GET | H2 | iris-components.shim.mobile.min.css | iris.alkamitech.com/cdn/iris-vue@official/ | 910 B | 1 KB | Stylesheet | text/css |
| 13 | GET | H2 | iris-foundation.min.css | iris.alkamitech.com/cdn/iris-foundation/latest/ | 50 KB | 7 KB | Stylesheet | text/css |
| 14 | GET | H2 | iris-components.min.css | iris.alkamitech.com/cdn/iris-vue@official/ | 355 KB | 46 KB | Stylesheet | text/css |
| 15 | GET | H2 | isotope.min.css | my.stcu.org/Isotope/Styles/ | 17 KB | 3 KB | Stylesheet | text/css |
| 16 | GET | H/1.1 | app-store-badge.svg | abzarsaeid.ir/Isotope/Images/ | 708 B | 708 B | Image | text/html |
| 17 | GET | H/1.1 | google-play-badge.svg | abzarsaeid.ir/Isotope/Images/ | 708 B | 708 B | Image | text/html |
| 18 | GET | H2 | MobileLogo | my.stcu.org/Image/ | 26 KB | 27 KB | Image | image/png |
| 19 | GET | H2 | Alkami.woff2 | assets.orb.alkamitech.com/production/icons/SpokaneTeachers/font/ | 42 KB | 43 KB | Font | font/woff2 |
| 20 | GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
| 21 | GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 16 KB | Font | font/woff2 |
| 22 | GET | H2 | KFOlCnqEu92Fr1MmSU5fBBc4.woff2 | fonts.gstatic.com/s/roboto/v30/ | 15 KB | 15 KB | Font | font/woff2 |

Two details in this list are worth a second look. Rows 16 and 17 are image requests to the phishing host itself (abzarsaeid.ir/Isotope/Images/) that came back as 708 B of text/html rather than an SVG, while the legitimate /Isotope/Styles/ stylesheet and MobileLogo image (rows 15 and 18) were fetched from my.stcu.org; the clone mirrors the real site's path layout but does not serve those two files. Everything that gives the page its branded look (rows 4, 11, 19 and the iris/alkami stylesheets) is hotlinked from alkamitech.com and stcu.org, so the phishing page renders with the credit union's own theme while only the HTML document is served from the attacker's host.
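The transaction list above is the evidence an analyst reads off a scan like this one: a plaintext primary page on abzarsaeid.ir, branded stylesheets, fonts and images fetched from alkamitech.com and my.stcu.org, and two image requests answered with text/html. The following is an added example, not urlscan.io code, that encodes those three checks as a triage function over a urlscan-style request list. The Request layout is an assumption rather than urlscan's export format; the sample rows transcribe 11 of the 22 requests above, with https assumed for every host other than the plaintext primary page, consistent with the certificates listed for those hosts.

```python
"""Triage of a urlscan-style request list for phishing-clone indicators.

Added example, not urlscan.io code.  The Request layout is an
assumption; the sample rows are transcribed from the transaction table
above (11 of the 22 requests), with https assumed for every host other
than the plaintext primary page.
"""
from __future__ import annotations

from dataclasses import dataclass
from urllib.parse import urlsplit

# Apex domains whose assets belong to the impersonated brand.  The
# alkamitech.com paths in the scan carry "SpokaneTeachers" and "spokane",
# so they are treated as brand assets too.  Labels are ours.
BRAND_APEXES = {
    "stcu.org": "Spokane Teachers Credit Union",
    "alkamitech.com": "STCU-branded theme assets on alkamitech.com",
}

# Content-Type prefixes each urlscan resource type should come back with.
EXPECTED_MIME = {
    "Script": ("text/javascript", "application/javascript"),
    "Stylesheet": ("text/css",),
    "Image": ("image/",),
    "Font": ("font/", "application/font"),
}


@dataclass(frozen=True)
class Request:
    url: str
    initiator: str  # host that requested the resource ("" for the primary page)
    rtype: str      # urlscan "Type" column: Document, Script, Stylesheet, Image, Font
    mime: str       # recorded Content-Type


def apex(host: str) -> str:
    """Last two DNS labels; use a public-suffix list for real traffic."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def triage(requests: list[Request]) -> list[str]:
    """Return human-readable findings for one scan (first row = primary page)."""
    findings: list[str] = []
    primary = urlsplit(requests[0].url)
    primary_apex = apex(primary.hostname or "")
    if primary.scheme == "http":
        findings.append(f"primary page served over plaintext http: {requests[0].url}")

    for r in requests:
        u = urlsplit(r.url)
        host = u.hostname or ""
        res_apex = apex(host)
        # 1. Brand assets pulled in by a page on an unrelated apex: the clone
        #    renders itself with the real brand's CSS, fonts and images.
        if (
            r.initiator
            and apex(r.initiator) == primary_apex
            and res_apex in BRAND_APEXES
            and res_apex != primary_apex
        ):
            findings.append(
                f"hotlinked brand asset: {host}{u.path} "
                f"({BRAND_APEXES[res_apex]}) requested by {r.initiator}"
            )
        # 2. Declared resource type disagrees with what the server returned,
        #    e.g. an <img src> answered with text/html.
        expected = EXPECTED_MIME.get(r.rtype)
        if expected and not r.mime.startswith(expected):
            findings.append(f"type/MIME mismatch: {r.rtype} {host}{u.path} returned {r.mime}")
    return findings


# Transcribed from the transaction table above (subset).
SCAN = [
    Request("http://abzarsaeid.ir/STCU/", "", "Document", "text/html"),
    Request("https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js", "abzarsaeid.ir", "Script", "text/javascript"),
    Request("https://fonts.googleapis.com/css", "abzarsaeid.ir", "Stylesheet", "text/css"),
    Request("https://assets.orb.alkamitech.com/production/icons/SpokaneTeachers/font/font-icons.css", "abzarsaeid.ir", "Stylesheet", "text/css"),
    Request("https://iris.alkamitech.com/cdn/iris-vue@official/iris-components.min.css", "abzarsaeid.ir", "Stylesheet", "text/css"),
    Request("https://my.stcu.org/Isotope/Styles/isotope.min.css", "abzarsaeid.ir", "Stylesheet", "text/css"),
    Request("http://abzarsaeid.ir/Isotope/Images/app-store-badge.svg", "abzarsaeid.ir", "Image", "text/html"),
    Request("http://abzarsaeid.ir/Isotope/Images/google-play-badge.svg", "abzarsaeid.ir", "Image", "text/html"),
    Request("https://my.stcu.org/Image/MobileLogo", "abzarsaeid.ir", "Image", "image/png"),
    Request("https://assets.orb.alkamitech.com/production/icons/SpokaneTeachers/font/Alkami.woff2", "abzarsaeid.ir", "Font", "font/woff2"),
    Request("https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2", "fonts.googleapis.com", "Font", "font/woff2"),
]

if __name__ == "__main__":
    for finding in triage(SCAN):
        print(finding)
```

None of the three checks is conclusive alone: legitimate microsites hotlink their parent brand's CSS, and a misconfigured server can return HTML for a missing image. Together with an apex that has no relation to the brand and a primary page on plain HTTP, they are the pattern this scan shows, and they can be scored automatically before a human looks at the screenshot.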
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Spokane Teachers Credit Union (Financial)

5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Type | Name |
|---|---|
| boolean | credentialless |
| function | $ |
| function | jQuery |
| function | toKebabCase |
| function | myFunction1 |

Cookies
Cookies are small pieces of data stored in the user's browser. On each later visit the browser sends the cookie values back, letting the site re-identify the user even from a different location; this is how persistent logins work.
| Domain / Path | Expires | Name | Value |
|---|---|---|---|
| .stcu.org/ | | __cf_bm | jmzMN6Jp3RE3lJc403twEjG_84yRO_0aZM9FDX1m_Ok-1682176583-0-AWG/QhBSATjpUSxRkrL+ZOAFnctCeIf7xUCqmzrB59uGPivp7X6tG4HqbDJno7II653HKcBy+2tCbWZ8j933cSo= |

The only cookie captured was set for .stcu.org by the legitimate my.stcu.org, which the scan shows behind Cloudflare (104.18.243.105, CLOUDFLARENET); __cf_bm is Cloudflare's bot-management cookie. The phishing host abzarsaeid.ir set no cookie in this scan.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL | Text |
|---|---|---|---|
Indicators
Indicators of compromise (IOCs) are observables such as IP addresses, domains and hashes. Being listed here does not by itself imply that an indicator is malicious; this scan's list includes the phishing host alongside the legitimate CDN, font and brand hosts it loaded.
abzarsaeid.ir
ajax.googleapis.com
assets.orb.alkamitech.com
fonts.googleapis.com
fonts.gstatic.com
iris.alkamitech.com
my.stcu.org
104.18.243.105
18.66.122.105
2600:9000:214f:9800:4:819e:800:93a1
2a00:1450:4001:800::200a
2a00:1450:4001:803::200a
2a00:1450:4001:82a::2003
45.129.37.115