accounts.alaskafcugroup.icu Open in urlscan Pro
198.54.115.177 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://accounts.alaskafcugroup.icu/
Submission: On October 27 via manual (October 27th 2020, 3:41:27 pm UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 19 HTTP transactions. The main IP is 198.54.115.177, located in Los Angeles, United States and belongs to NAMECHEAP-NET, US. The main domain is accounts.alaskafcugroup.icu.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 19th 2020. Valid for: a year.

This is the only time accounts.alaskafcugroup.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alaska USA Federal Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
14	198.54.115.177 198.54.115.177	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	95.154.244.106 95.154.244.106	20860 (IOMART-AS) (IOMART-AS)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
19	5

14 198.54.115.177 (Los Angeles, United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server230-3.web-hosting.com

accounts.alaskafcugroup.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.154.244.106 (United Kingdom)

ASN20860 (IOMART-AS, GB)

smtpjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	alaskafcugroup.icu accounts.alaskafcugroup.icu	888 KB
2	gstatic.com fonts.gstatic.com	23 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	smtpjs.com smtpjs.com	942 B
1	jquery.com code.jquery.com	30 KB
19	5

	Domain	Requested by
14	accounts.alaskafcugroup.icu	accounts.alaskafcugroup.icu
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	accounts.alaskafcugroup.icu
1	smtpjs.com	accounts.alaskafcugroup.icu
1	code.jquery.com	accounts.alaskafcugroup.icu
19	5

This site contains no links.

Subject Issuer	Validity	Valid
accounts.alaskafcugroup.icu Sectigo RSA Domain Validation Secure Server CA	`2020-10-19` - `2021-10-19`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
smtpjs.com Let's Encrypt Authority X3	`2020-10-25` - `2021-01-23`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://accounts.alaskafcugroup.icu/
Frame ID: 6F85266C27BF4200DF69F27FDB42B904
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

19
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

944 kB
Transfer

1136 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
accounts.alaskafcugroup.icu/ 29 KB
4 KB 475ms
167ms Document
text/html 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 69719dfada3b0a883f3f8c2d96637f72870358b2272e0fc9fafb53f9e831f7ca

Request headers

:method: GET
:authority: accounts.alaskafcugroup.icu
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:07 GMT
server: Apache
last-modified: Mon, 19 Oct 2020 20:58:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3882
content-type: text/html

GET
H2 200 style.css
accounts.alaskafcugroup.icu/css/ 11 KB
2 KB 165ms
164ms Stylesheet
text/css 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.alaskafcugroup.icu/css/style.css
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: dd34a3df95e1a40230130e883298356107d8fe31bb2346bfeaa6b49340c321f7

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 15:41:07 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 20:58:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 2362

GET
H2 200 fonts.css
accounts.alaskafcugroup.icu/css/ 110 KB
18 KB 307ms
307ms Stylesheet
text/css 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.alaskafcugroup.icu/css/fonts.css
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 5165cad0f518784b20ed846b37038c291e5e584077b22c6e07aed2202e3824b8

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 15:41:07 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 20:58:36 GMT
server: Apache
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 17883

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 28ms
10ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin: https://accounts.alaskafcugroup.icu
Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 15:41:07 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
status: 200
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1603813267.dop014.fr8.t,1603813267.cds248.fr8.hn,1603813267.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 akusafcu_logo.png
accounts.alaskafcugroup.icu/img/ 16 KB
16 KB 161ms
161ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/akusafcu_logo.png
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:58:53 GMT
server: Apache
accept-ranges: bytes
content-length: 16228
content-type: image/png

GET
H2 200 warning.png
accounts.alaskafcugroup.icu/img/ 1 KB
1 KB 279ms
277ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/warning.png
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:59:01 GMT
server: Apache
accept-ranges: bytes
content-length: 1249
content-type: image/png

GET
H2 200 annual_report2019.png
accounts.alaskafcugroup.icu/img/ 28 KB
28 KB 283ms
282ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/annual_report2019.png
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 57e36e601c00b7303300b847252d692ed85f713f8b4bae390073cafe5cc36734

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:58:46 GMT
server: Apache
accept-ranges: bytes
content-length: 28534
content-type: image/png

GET
H2 200 ncua.png
accounts.alaskafcugroup.icu/img/ 4 KB
4 KB 278ms
277ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/ncua.png
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:58:49 GMT
server: Apache
accept-ranges: bytes
content-length: 4280
content-type: image/png

GET
H2 200 EHL.png
accounts.alaskafcugroup.icu/img/ 3 KB
3 KB 419ms
419ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/EHL.png
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:59:01 GMT
server: Apache
accept-ranges: bytes
content-length: 3317
content-type: image/png

GET
H/1.1 200
OK smtp.js Show response
smtpjs.com/v3/ 871 B
942 B 121ms
27ms Script
application/javascript 95.154.244.106
IOMART-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smtpjs.com/v3/smtp.js
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 95.154.244.106 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 27 Oct 2020 15:41:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Apr 2019 12:13:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "80e556c5dfead41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 603

GET
H2 200 index.js Show response
accounts.alaskafcugroup.icu/js/ 9 KB
2 KB 157ms
156ms Script
application/javascript 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.alaskafcugroup.icu/js/index.js
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 192e6e55fc528d6da792eac4806fe872a3c3492eadf7c029a20cca46f99399cd

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 27 Oct 2020 15:41:08 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:12:59 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1686

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 33ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f68d088f179c2c42e6dc3cb4e7ad82885dc5fc47882f3056bbac6c77085b124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.alaskafcugroup.icu/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Oct 2020 14:43:16 GMT
server: ESF
date: Tue, 27 Oct 2020 15:41:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Oct 2020 15:41:07 GMT

GET
H2 200 header_bg.png
accounts.alaskafcugroup.icu/img/ 8 KB
8 KB 415ms
415ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/header_bg.png
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6

Request headers

Referer: https://accounts.alaskafcugroup.icu/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:58:47 GMT
server: Apache
accept-ranges: bytes
content-length: 8058
content-type: image/png

GET
H2 200 homeSprites.png
accounts.alaskafcugroup.icu/img/ 186 KB
186 KB 541ms
541ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/homeSprites.png
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c

Request headers

Referer: https://accounts.alaskafcugroup.icu/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:58:45 GMT
server: Apache
accept-ranges: bytes
content-length: 190407
content-type: image/png

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v12/ 11 KB
11 KB 26ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://accounts.alaskafcugroup.icu
Referer: https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 26 Oct 2020 15:53:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:11 GMT
server: sffe
age: 85685
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
expires: Tue, 26 Oct 2021 15:53:03 GMT

GET
H2 200 icofont.woff2
accounts.alaskafcugroup.icu/css/fonts/ 525 KB
526 KB 680ms
680ms Font
font/woff2 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.alaskafcugroup.icu/css/fonts/icofont.woff2
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/css/fonts.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1

Request headers

Origin: https://accounts.alaskafcugroup.icu
Referer: https://accounts.alaskafcugroup.icu/css/fonts.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:08 GMT
last-modified: Mon, 19 Oct 2020 20:59:17 GMT
server: Apache
accept-ranges: bytes
content-length: 537868
content-type: font/woff2

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v12/ 11 KB
11 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://accounts.alaskafcugroup.icu
Referer: https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:37 GMT
server: sffe
age: 534026
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11504
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:42 GMT

GET
H2 200 float1.png
accounts.alaskafcugroup.icu/img/ 38 KB
38 KB 164ms
163ms Image
image/png 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/float1.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 2a9ea79fd7475239fbaf329d96211c18d1ad812be5f402fe9571c5db6c789f46

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:09 GMT
last-modified: Mon, 19 Oct 2020 20:58:47 GMT
server: Apache
accept-ranges: bytes
content-length: 38614
content-type: image/png

GET
H2 200 slide1.jpg
accounts.alaskafcugroup.icu/img/ 52 KB
52 KB 161ms
161ms Image
image/jpeg 198.54.115.177
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.alaskafcugroup.icu/img/slide1.jpg
Requested by: Host: accounts.alaskafcugroup.icu
URL: https://accounts.alaskafcugroup.icu/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.54.115.177 Los Angeles, United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server230-3.web-hosting.com
Software: Apache /
Resource Hash: 1005c81e34195681e8804f8c3373eb694a24a3b1b29e213bb15eb62558fd7e2f

Request headers

Referer: https://accounts.alaskafcugroup.icu/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 27 Oct 2020 15:41:09 GMT
last-modified: Mon, 19 Oct 2020 20:58:55 GMT
server: Apache
accept-ranges: bytes
content-length: 53072
content-type: image/jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.alaskafcugroup.icu
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
smtpjs.com
198.54.115.177
2001:4de0:ac19::1:b:2b
2a00:1450:4001:801::200a
2a00:1450:4001:81f::2003
95.154.244.106
1005c81e34195681e8804f8c3373eb694a24a3b1b29e213bb15eb62558fd7e2f
192e6e55fc528d6da792eac4806fe872a3c3492eadf7c029a20cca46f99399cd
1c7cd686a01f2dcffc1f55119624e9166300721172b4e7ad284ff734bc8db0a1
1fd711cb491a361ef91e29c50de0680a4b156c0b34bb91e18570d0037263a776
242e542871bd77c8ff6375418e349ef6b3a32a208e15ca1441166641d212a6a1
2a9ea79fd7475239fbaf329d96211c18d1ad812be5f402fe9571c5db6c789f46
3f68d088f179c2c42e6dc3cb4e7ad82885dc5fc47882f3056bbac6c77085b124
5165cad0f518784b20ed846b37038c291e5e584077b22c6e07aed2202e3824b8
57e36e601c00b7303300b847252d692ed85f713f8b4bae390073cafe5cc36734
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
69719dfada3b0a883f3f8c2d96637f72870358b2272e0fc9fafb53f9e831f7ca
6ceabe544edbb8513733f30b14c1d17a2fa51e461f972c31d17e5450d4718603
91e219a364aee6c0d5f23d8406ce671d68c0264e0767414ce66e8f56ebd2db78
9ae1e27e08b4bbc15557c0f5bbd97b4009eb86c85da9fb2be4c4085a5289182f
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
beb161501df73ad297e1a7679cc63010d22d479ea146e56ef2b3f7a7e9b06c9c
d6641292ca4109173a6ca88b1353f0a6edeaad1c5f90e4c69c6999943109a878
dd34a3df95e1a40230130e883298356107d8fe31bb2346bfeaa6b49340c321f7
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

accounts.alaskafcugroup.icu Open in urlscan Pro 198.54.115.177 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

19 Requests

100 %HTTPS

60 %IPv6

5 Domains

5 Subdomains

5 IPs

4 Countries

944 kBTransfer

1136 kBSize

0 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

accounts.alaskafcugroup.icu Open in urlscan Pro
198.54.115.177 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

60 %
IPv6

5
Domains

5
Subdomains

5
IPs

4
Countries

944 kB
Transfer

1136 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!