sharlu.com
Open in
urlscan Pro
2a06:98c1:3121::a
Malicious Activity!
Public Scan
Effective URL: https://sharlu.com/iqcu/login/ses/session_index
Submission: On May 26 via manual from PL — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 14th 2021. Valid for: a year.
This is the only time sharlu.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: iQ Credit Union (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 192.64.119.252 192.64.119.252 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
2 21 | 2a06:98c1:312... 2a06:98c1:3121::a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2a00:1450:400... 2a00:1450:4001:810::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:811::2003 | 15169 (GOOGLE) (GOOGLE) | |
24 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
sharlu.com
2 redirects
sharlu.com |
216 KB |
3 |
gstatic.com
fonts.gstatic.com |
47 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42 |
2 KB |
1 |
iqcusupport.info
1 redirects
iqcusupport.info |
229 B |
24 | 4 |
Domain | Requested by | |
---|---|---|
21 | sharlu.com |
2 redirects
sharlu.com
|
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | fonts.googleapis.com |
sharlu.com
|
1 | iqcusupport.info | 1 redirects |
24 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.iqcu.com |
cdn2.hubspot.net |
www.apple.com |
play.google.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-14 - 2022-07-13 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-05-04 - 2022-07-27 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://sharlu.com/iqcu/login/ses/session_index
Frame ID: 61D4BBC8EEECB66855CDEAEC6715AB95
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
iQ Credit UnionPage URL History Show full URLs
-
http://iqcusupport.info/
HTTP 302
https://sharlu.com/iqcu HTTP 301
https://sharlu.com/iqcu/ Page URL
-
https://sharlu.com/iqcu/login/Bots/bot/
HTTP 302
https://sharlu.com/iqcu/login/ Page URL
- https://sharlu.com/iqcu/login/ses/session_index Page URL
Detected technologies
ZURB Foundation (Web Frameworks) ExpandDetected patterns
- <link[^>]+foundation[^>"]+css
Vue.js (JavaScript Frameworks) Expand
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: Contact Us
Search URL Search Domain Scan URL
Title: Privacy Notice
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://iqcusupport.info/
HTTP 302
https://sharlu.com/iqcu HTTP 301
https://sharlu.com/iqcu/ Page URL
-
https://sharlu.com/iqcu/login/Bots/bot/
HTTP 302
https://sharlu.com/iqcu/login/ Page URL
- https://sharlu.com/iqcu/login/ses/session_index Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://iqcusupport.info/ HTTP 302
- https://sharlu.com/iqcu HTTP 301
- https://sharlu.com/iqcu/
- https://sharlu.com/iqcu/login/Bots/bot/ HTTP 302
- https://sharlu.com/iqcu/login/
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
sharlu.com/iqcu/ Redirect Chain
|
58 B 435 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
sharlu.com/iqcu/login/ Redirect Chain
|
61 B 573 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
session_index
sharlu.com/iqcu/login/ses/ |
29 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
6 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-icons.css
sharlu.com/iqcu/login/ses/files/ |
115 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
2 KB 610 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-ui.min.css
sharlu.com/iqcu/login/ses/files/ |
31 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
base.min.css
sharlu.com/iqcu/login/ses/files/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iris.shim.mobile.min.css
sharlu.com/iqcu/login/ses/files/ |
611 B 786 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iris.android.min.css
sharlu.com/iqcu/login/ses/files/ |
96 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iris-foundation.min.css
sharlu.com/iqcu/login/ses/files/ |
50 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
theme.mobile.min.css
sharlu.com/iqcu/login/ses/files/ |
111 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iris-components.shim.mobile.min.css
sharlu.com/iqcu/login/ses/files/ |
865 B 948 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
iris-components.min.css
sharlu.com/iqcu/login/ses/files/ |
178 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
isotope.1.5.3.min.css
sharlu.com/iqcu/login/ses/files/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Authentication-Isotope.min.css
sharlu.com/iqcu/login/ses/files/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
app-store-badge.svg
sharlu.com/Isotope/Images/ |
31 KB 31 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
google-play-badge.svg
sharlu.com/Isotope/Images/ |
31 KB 31 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
background_Image.jpg
sharlu.com/iqcu/login/ses/Images/ |
12 KB 12 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
MobileLogo.png
sharlu.com/iqcu/login/ses/files/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Alkami.woff2
sharlu.com/iqcu/login/ses/files/ |
41 KB 41 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 15 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: iQ Credit Union (Financial)7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
sharlu.com/ | Name: PHPSESSID Value: ae69354745c1ef069e977a5d0a5538f9 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
iqcusupport.info
sharlu.com
192.64.119.252
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a06:98c1:3121::a
06dee56fb4e2677948bc2f6ce7e20e9900e3c7431843ae3d9c9d975ff03889a7
0f2f9f60416ee8716d35f7a0908d78ded1de7f32d6b56b9ca42d705c42b49a45
1d588c3217175399ef71831cfa4821089ffa1af7b57c2e1c859900e4c7a3d863
2699e2d98cea2fa731b8925014f1fb550c27c43429fe888560eba07e78c84a7a
31af0d0bd7cc84d6ec53b767528f4d500a509695338350f0bded2e57075032d7
40907c44ea930d1e853fd7a7f53d0e1100074e4318fc8e524f66677dcf3168b8
409b5417b9cdf40d67e6264ca892ade68004a1443dd8fbfe70a55ec210020c52
4745b0f7239fe6895619059a21320d4c50e1bed485a32df435af0699dc09597a
4c7b591f19c35000858633e0610ae0b2b4db8fbfd71bb1864ea4c9bde1958575
5bed9d2f4811025c2bde2c4747db5f3cacc9e4547ea594a0468b1e4f00965df9
65c12121b00f8425f4bd66383649d717e0b381b0336eaf39c732e6d5bb1109e5
81f7da9e5ed534c6ac7ad9a0c45927f2c3c716cb15b3480aadb9dbe54f4bcb8a
9b41143735855280fb781e1f93d36c924545ab545713971936dace61083e9c13
bcf82308a4a42f5785de42dda6584b42785e242cc336bd5d8e937b6e2d0d816e
dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16
e2517881bcf4e7307097a3d143ffdfa218f1830c381347d746f06b1eb8a099bb
e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880
f555d3efaa4e368224cc19b0b261b00da4183e8a5247d3858e8ce7e2aa764558
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6fca06e2aac270b488f73bcf0a10d249e2722a015135e60dbb49360c5335a72
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef