support-icuonline0g5.dynalias.com
104.131.74.98
Malicious Activity!
Public Scan
Effective URL: https://support-icuonline0g5.dynalias.com/login/login/ses/session_index
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On December 16 via api from IT — Scanned from IT
Summary
TLS certificate: Issued by R3 (a Let's Encrypt intermediate) on December 16th 2023, the same day as the scan. Valid for: 3 months.
This is the only time support-icuonline0g5.dynalias.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Idaho Central Credit Union (Government)

Domain & IP information
IP Address | AS Autonomous System | Requests
---|---|---
104.131.74.98 | 14061 (DIGITALOCEAN-ASN) | 20
2a00:1450:4001:831::200a | 15169 (GOOGLE) | 1
2a00:1450:4001:813::2003 | 15169 (GOOGLE) | 1
Total: 21 requests to 3 IP addresses
ASN14061 (DIGITALOCEAN-ASN, US) serves both hostnames in the redirect chain:
- icuu02device-online.servebbs.com
- support-icuonline0g5.dynalias.com
Apex Domain | Subdomains | Requests | Transfer
---|---|---|---
dynalias.com | support-icuonline0g5.dynalias.com | 19 (1 redirect) | 715 KB
gstatic.com | fonts.gstatic.com | 1 | 16 KB
googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 29) | 1 | 979 B
servebbs.com | icuu02device-online.servebbs.com | 1 | 3 KB
Total: 21 requests, 4 apex domains
Domain | Requests | Requested by
---|---|---
support-icuonline0g5.dynalias.com | 19 (1 redirect) | icuu02device-online.servebbs.com, support-icuonline0g5.dynalias.com
fonts.gstatic.com | 1 | fonts.googleapis.com
fonts.googleapis.com | 1 | support-icuonline0g5.dynalias.com
icuu02device-online.servebbs.com | 1 | (entry point; not requested by another domain)
Total: 21 requests, 4 domains
This site contains links to these domains (also see Links):
- www.iccu.com
- www.facebook.com
- twitter.com
- www.youtube.com
- www.linkedin.com
- instagram.com
The outbound links point at the credit union's genuine domain and its social profiles, so the link list alone looks benign; the cloned footer is part of the lure, not evidence against it.
Subject | Issuer | Validity | Valid
---|---|---|---
support-icuonline0g5.dynalias.com | R3 | 2023-12-16 - 2024-03-15 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-11-20 - 2024-02-12 | 3 months
The two GTS CA 1C3 certificates belong to the Google Fonts hosts; only the R3 certificate is the phishing host's own, and it was issued on the day of the scan.
This page contains 1 frame:
Primary Page: https://support-icuonline0g5.dynalias.com/login/login/ses/session_index
Frame ID: BE3307773F299187802227853D7980EF
Requests: 21 HTTP requests in this frame
Page Title: Idaho Central Credit Union

Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://icuu02device-online.servebbs.com/ (Page URL)
- https://support-icuonline0g5.dynalias.com/login/ (Page URL)
- https://support-icuonline0g5.dynalias.com/login/login/Bots/bot/ (HTTP 302) -> https://support-icuonline0g5.dynalias.com/login/login/ (Page URL)
- https://support-icuonline0g5.dynalias.com/login/login/ses/session_index (Page URL)
Detected technologies
- ZURB Foundation (Web Frameworks), detected pattern: <link[^>]+foundation[^>"]+css
- Vue.js (JavaScript Frameworks), detected pattern: <[^>]+\sdata-v(?:ue)?-
- Google Font API (Font Scripts), detected pattern: <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
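To show how the three detections above fire, here is an added Python example (not code from urlscan or from the page) that runs the listed patterns over a constructed HTML snippet. The snippet, including the data-v hash and the stylesheet paths, is made up for the example and is not the phishing page's real source; only the regexes come from the report.

```python
import re

# Detection patterns exactly as listed in the urlscan report (Wappalyzer-style regexes).
TECH_PATTERNS = {
    "ZURB Foundation": r'<link[^>]+foundation[^>"]+css',
    "Vue.js": r'<[^>]+\sdata-v(?:ue)?-',
    "Google Font API": r'<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com',
}

# Constructed HTML for this example: it imitates the kind of markup that trips
# each pattern (stylesheet named after Foundation, a Vue scoped-style attribute,
# a Google Fonts <link>). It is NOT the captured session_index page.
SAMPLE_HTML = """<!doctype html>
<html><head>
<title>Idaho Central Credit Union</title>
<link rel="stylesheet" href="/login/login/ses/files/iris-foundation.min.css">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto">
</head><body>
<div data-v-7ba5bd90 class="login-form">
  <form method="post" action="/login/login/ses/session_index"></form>
</div>
</body></html>
"""


def detect_technologies(html: str, patterns=TECH_PATTERNS) -> dict:
    """Return {technology: first matching fragment} for every pattern that fires.

    Matching is case-insensitive, as tag names and attribute names are in HTML.
    An empty dict means none of the fingerprints matched.
    """
    hits = {}
    for name, pattern in patterns.items():
        match = re.search(pattern, html, flags=re.IGNORECASE)
        if match:
            hits[name] = match.group(0)
    return hits


if __name__ == "__main__":
    for tech, fragment in detect_technologies(SAMPLE_HTML).items():
        print(f"{tech:16s} <- {fragment}")
```

These fingerprints only look at markup, so a phishing kit that copies a bank's front-end assets inherits the bank's technology profile; the detections say what the page is built to look like, not who runs it.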
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
- Privacy Policy
- Rates
- View Full Site
- Facebook
- Twitter
- YouTube
- LinkedIn
- Instagram
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2: https://support-icuonline0g5.dynalias.com/login/login/Bots/bot/ (HTTP 302) -> https://support-icuonline0g5.dynalias.com/login/login/
Only that one hop is an HTTP redirect. The other moves in the URL history (from the servebbs.com entry page to /login/, from /login/ to /login/login/Bots/bot/, and from /login/login/ to session_index) carry no HTTP status, and the /login/ and /login/login/ documents are only 58 B and 61 B, far too small to be a login page. That combination points to client-side redirects (meta refresh or JavaScript) stepping the visitor from the lure hostname to the 30 KB session_index page.
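The chain above, reconstructed as an added Python example (not from the page or from urlscan): it takes the URL history as (url, http_status) pairs, classifies every hop as an HTTP redirect or a client-side navigation, and reports where the chain changes host. The only assumption is urlscan's own convention, used here as the classification rule: an entry recorded without an HTTP status was left by a client-side redirect.

```python
from urllib.parse import urlsplit

# Page URL history as shown in the report: (url, http_status). None means urlscan
# recorded the entry as a plain "Page URL", so the hop away from it was client-side.
HISTORY = [
    ("http://icuu02device-online.servebbs.com/", None),
    ("https://support-icuonline0g5.dynalias.com/login/", None),
    ("https://support-icuonline0g5.dynalias.com/login/login/Bots/bot/", 302),
    ("https://support-icuonline0g5.dynalias.com/login/login/", None),
    ("https://support-icuonline0g5.dynalias.com/login/login/ses/session_index", None),
]


def analyze_chain(history):
    """Turn the URL history into hops that say how and where each move happened."""
    hops = []
    for (src, status), (dst, _) in zip(history, history[1:]):
        s, d = urlsplit(src), urlsplit(dst)
        hops.append({
            "from": src,
            "to": dst,
            # an HTTP status on the source entry means a server-side redirect
            "kind": f"http-{status}" if status else "client-side",
            "host_change": s.hostname != d.hostname,
            "scheme_upgrade": s.scheme == "http" and d.scheme == "https",
        })
    return hops


def chain_summary(history):
    """Aggregate the hops into the numbers an analyst records for the case."""
    hops = analyze_chain(history)
    return {
        "entry_host": urlsplit(history[0][0]).hostname,
        "final_host": urlsplit(history[-1][0]).hostname,
        "hosts": sorted({urlsplit(url).hostname for url, _ in history}),
        "http_redirects": sum(h["kind"].startswith("http-") for h in hops),
        "client_side_hops": sum(h["kind"] == "client-side" for h in hops),
        "cross_host_hops": sum(h["host_change"] for h in hops),
    }


if __name__ == "__main__":
    for hop in analyze_chain(HISTORY):
        flag = " (host change)" if hop["host_change"] else ""
        print(f"{hop['kind']:12s} {hop['from']} -> {hop['to']}{flag}")
    print(chain_summary(HISTORY))
```

The entry host is what a victim saw in the lure, the final host is what served the credential form and what the certificate data describes; a block on only the final hostname leaves the servebbs.com lure live to be repointed elsewhere.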
21 HTTP transactions
# | Method | Protocol | Resource | Size | Transfer | Type | MIME-Type
---|---|---|---|---|---|---|---
1 | GET | H/1.1 | icuu02device-online.servebbs.com/ | 3 KB | 3 KB | Document | text/html
2 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/ | 58 B | 246 B | Document | text/html
3 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ (redirect chain: /login/login/Bots/bot/ answered HTTP 302 to this URL) | 61 B | 267 B | Document | text/html
4 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/session_index (primary request) | 30 KB | 30 KB | Document | text/html
5 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/font-icons.css | 115 KB | 115 KB | Stylesheet | text/css
6 | GET | H2 | fonts.googleapis.com/css | 2 KB | 979 B | Stylesheet | text/css
7 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/jquery-ui.min.css | 31 KB | 31 KB | Stylesheet | text/css
8 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/base.min.css | 2 KB | 2 KB | Stylesheet | text/css
9 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/iris.shim.mobile.min.css | 611 B | 918 B | Stylesheet | text/css
10 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/iris.android.min.css | 96 KB | 96 KB | Stylesheet | text/css
11 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/iris-foundation.min.css | 50 KB | 50 KB | Stylesheet | text/css
12 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/theme.mobile.min.css | 131 KB | 131 KB | Stylesheet | text/css
13 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/iris-components.shim.mobile.min.css | 865 B | 1 KB | Stylesheet | text/css
14 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/iris-components.min.css | 178 KB | 179 KB | Stylesheet | text/css
15 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/isotope.1.5.3.min.css | 5 KB | 5 KB | Stylesheet | text/css
16 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/Authentication-Isotope.min.css | 3 KB | 3 KB | Stylesheet | text/css
17 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/app-store-badge.svg | 11 KB | 11 KB | Image | image/svg+xml
18 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/google-play-badge.svg | 9 KB | 9 KB | Image | image/svg+xml
19 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/MobileLogo.png | 7 KB | 7 KB | Image | image/png
20 | GET | H/1.1 | support-icuonline0g5.dynalias.com/login/login/ses/files/Alkami.woff2 | 41 KB | 41 KB | Font | font/woff2
21 | GET | H2 | fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 15 KB | 16 KB | Font | font/woff2
Every asset except the two Google Fonts requests is served from the phishing host itself over HTTP/1.1; only Google's servers negotiated HTTP/2.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Idaho Central Credit Union (Government)

1 JavaScript Global Variable
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object | documentPictureInPicture
documentPictureInPicture is supplied by the scanning browser (Chromium's Document Picture-in-Picture API) rather than by the page, so no site-specific globals were observed.

1 Cookie
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser also sends the cookie values, which lets the site re-identify the user even from a different location. This is how persistent logins work.
Domain/Path | Expires | Name / Value
---|---|---
support-icuonline0g5.dynalias.com/ | | Name: PHPSESSID Value: 98c6f30e6ae6cf7e2b2837a6e099bf44
PHPSESSID is PHP's default session cookie name, so the back end serving this clone is PHP regardless of the Foundation and Vue.js fingerprints its copied markup advertises.
Indicators
This is a term in the security industry for observables such as IPs, domains and hashes. Listing them does not imply that any of them indicates malicious activity.
- fonts.googleapis.com
- fonts.gstatic.com
- icuu02device-online.servebbs.com
- support-icuonline0g5.dynalias.com
- 104.131.74.98
- 2a00:1450:4001:813::2003
- 2a00:1450:4001:831::200a
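The disclaimer above is the point: the list mixes the attacker's infrastructure with Google Fonts, and a blocklist built from it blindly would break legitimate sites. Here is an added Python example (not from the page or from urlscan) that triages the listed indicators with the facts the report gives: the scan date, the R3 certificate's notBefore date, and the ASN listing that puts both hostnames on 104.131.74.98. The dynamic-DNS apex list, the brand tokens, the shared-infrastructure names and the 2a00:1450::/32 Google prefix are assumptions for the example, not data from the page.

```python
from datetime import date
import ipaddress

# Indicators exactly as listed in the report.
INDICATORS = [
    "fonts.googleapis.com",
    "fonts.gstatic.com",
    "icuu02device-online.servebbs.com",
    "support-icuonline0g5.dynalias.com",
    "104.131.74.98",
    "2a00:1450:4001:813::2003",
    "2a00:1450:4001:831::200a",
]
SCAN_DATE = date(2023, 12, 16)
# Leaf certificate notBefore from the Certificates table (R3 cert).
CERT_NOT_BEFORE = {"support-icuonline0g5.dynalias.com": date(2023, 12, 16)}
# From the ASN14061 listing: both hostnames sit on the DigitalOcean address.
HOST_TO_IP = {
    "icuu02device-online.servebbs.com": "104.131.74.98",
    "support-icuonline0g5.dynalias.com": "104.131.74.98",
}

# Assumptions for this example (not stated on the page):
DDNS_APEXES = {"dynalias.com", "servebbs.com"}          # free dynamic-DNS apexes
BRAND_TOKENS = ("iccu", "icu")                           # Idaho Central Credit Union
SHARED_INFRA = {"fonts.googleapis.com", "fonts.gstatic.com"}  # Google Fonts, never block
SHARED_INFRA_NETS = [ipaddress.ip_network("2a00:1450::/32")]  # assumed Google prefix


def apex_of(host):
    """Naive two-label apex; no public-suffix list (assumed adequate for these hosts)."""
    return ".".join(host.lower().split(".")[-2:])


def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def triage(indicators, scan_date=SCAN_DATE):
    """Map each indicator to its flags; an empty list means nothing notable."""
    flags = {}
    # Pass 1: hostnames, judged on their own properties.
    for ind in indicators:
        if is_ip(ind):
            continue
        host = ind.lower()
        found = []
        if host in SHARED_INFRA:
            found.append("shared-infra")
        if apex_of(host) in DDNS_APEXES:
            found.append("ddns-apex")
        if any(tok in host.split(".")[0] for tok in BRAND_TOKENS):
            found.append("brand-keyword")
        not_before = CERT_NOT_BEFORE.get(host)
        if not_before is not None and (scan_date - not_before).days <= 1:
            found.append("fresh-cert")
        flags[host] = found
    # Pass 2: addresses, judged on what they host plus known shared prefixes.
    flagged_hosts = {h for h, f in flags.items() if f and "shared-infra" not in f}
    for ind in indicators:
        if not is_ip(ind):
            continue
        addr = ipaddress.ip_address(ind)
        found = []
        if any(addr in net for net in SHARED_INFRA_NETS):
            found.append("shared-infra")
        if any(HOST_TO_IP.get(h) == ind for h in flagged_hosts):
            found.append("hosts-flagged-domain")
        flags[ind] = found
    return flags


def blocklist(flags):
    """Everything carrying at least one flag that is not shared infrastructure."""
    return sorted(i for i, f in flags.items() if f and "shared-infra" not in f)


if __name__ == "__main__":
    result = triage(INDICATORS)
    for indicator, found in result.items():
        print(f"{indicator:36s} {', '.join(found) or '-'}")
    print("block:", blocklist(result))
```

The fresh-cert flag is worth keeping in any such scoring: a Let's Encrypt certificate issued on the day of first sighting, on a dynamic-DNS hostname carrying the target's brand, is the profile of a kit stood up for one campaign, and the two hostnames sharing one DigitalOcean address lets the IP be blocked together with them.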