accounts.alaskafcugroup.icu
Open in
urlscan Pro
198.54.115.177
Malicious Activity!
Public Scan
Submission: On October 27 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 19th 2020. Valid for: a year.
This is the only time accounts.alaskafcugroup.icu was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Alaska USA Federal Credit Union (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
14 | 198.54.115.177 198.54.115.177 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac19::1:b:2b | 20446 (HIGHWINDS3) (HIGHWINDS3) | |
1 | 95.154.244.106 95.154.244.106 | 20860 (IOMART-AS) (IOMART-AS) | |
1 | 2a00:1450:400... 2a00:1450:4001:801::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
19 | 5 |
ASN22612 (NAMECHEAP-NET, US)
PTR: server230-3.web-hosting.com
accounts.alaskafcugroup.icu |
Apex Domain Subdomains |
Transfer | |
---|---|---|
14 |
alaskafcugroup.icu
accounts.alaskafcugroup.icu |
888 KB |
2 |
gstatic.com
fonts.gstatic.com |
23 KB |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
smtpjs.com
smtpjs.com |
942 B |
1 |
jquery.com
code.jquery.com |
30 KB |
19 | 5 |
Domain | Requested by | |
---|---|---|
14 | accounts.alaskafcugroup.icu |
accounts.alaskafcugroup.icu
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | fonts.googleapis.com |
accounts.alaskafcugroup.icu
|
1 | smtpjs.com |
accounts.alaskafcugroup.icu
|
1 | code.jquery.com |
accounts.alaskafcugroup.icu
|
19 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
accounts.alaskafcugroup.icu Sectigo RSA Domain Validation Secure Server CA |
2020-10-19 - 2021-10-19 |
a year | crt.sh |
jquery.org Sectigo RSA Domain Validation Secure Server CA |
2020-10-06 - 2021-10-16 |
a year | crt.sh |
smtpjs.com Let's Encrypt Authority X3 |
2020-10-25 - 2021-01-23 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-10-06 - 2020-12-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://accounts.alaskafcugroup.icu/
Frame ID: 6F85266C27BF4200DF69F27FDB42B904
Requests: 19 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
accounts.alaskafcugroup.icu/ |
29 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
accounts.alaskafcugroup.icu/css/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
accounts.alaskafcugroup.icu/css/ |
110 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
akusafcu_logo.png
accounts.alaskafcugroup.icu/img/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
warning.png
accounts.alaskafcugroup.icu/img/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
annual_report2019.png
accounts.alaskafcugroup.icu/img/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ncua.png
accounts.alaskafcugroup.icu/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EHL.png
accounts.alaskafcugroup.icu/img/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
smtp.js
smtpjs.com/v3/ |
871 B 942 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
accounts.alaskafcugroup.icu/js/ |
9 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header_bg.png
accounts.alaskafcugroup.icu/img/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homeSprites.png
accounts.alaskafcugroup.icu/img/ |
186 KB 186 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v12/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icofont.woff2
accounts.alaskafcugroup.icu/css/fonts/ |
525 KB 526 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v12/ |
11 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
float1.png
accounts.alaskafcugroup.icu/img/ |
38 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
slide1.jpg
accounts.alaskafcugroup.icu/img/ |
52 KB 52 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Alaska USA Federal Credit Union (Banking)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes function| $ function| jQuery object| Email function| sdMl0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.alaskafcugroup.icu
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
smtpjs.com
198.54.115.177
2001:4de0:ac19::1:b:2b
2a00:1450:4001:801::200a
2a00:1450:4001:81f::2003
95.154.244.106
1005c81e34195681e8804f8c3373eb694a24a3b1b29e213bb15eb62558fd7e2f
192e6e55fc528d6da792eac4806fe872a3c3492eadf7c029a20cca46f99399cd
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
2a9ea79fd7475239fbaf329d96211c18d1ad812be5f402fe9571c5db6c789f46
3f68d088f179c2c42e6dc3cb4e7ad82885dc5fc47882f3056bbac6c77085b124
5165cad0f518784b20ed846b37038c291e5e584077b22c6e07aed2202e3824b8
57e36e601c00b7303300b847252d692ed85f713f8b4bae390073cafe5cc36734
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
69719dfada3b0a883f3f8c2d96637f72870358b2272e0fc9fafb53f9e831f7ca
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
dd34a3df95e1a40230130e883298356107d8fe31bb2346bfeaa6b49340c321f7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d