Submitted URL: http://vrdusa.com/new
Effective URL: http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Submission: On November 13 via manual from US — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 162.215.222.33, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is vrdusa.com.
This is the only time vrdusa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: America First Credit Union (Banking)

Domain & IP information

IP Address AS Autonomous System
2 9 162.215.222.33 46606 (UNIFIEDLA...)
7 2
Apex Domain
Subdomains
Transfer
9 vrdusa.com
vrdusa.com
1 MB
7 1
Domain Requested by
9 vrdusa.com 2 redirects vrdusa.com
7 1

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Frame ID: BE71BC00EA3EF9FC8ABF95DBB1B000B1
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

America First Credit Union

Page URL History Show full URLs

  1. http://vrdusa.com/new HTTP 301
    http://vrdusa.com/new/ HTTP 302
    http://vrdusa.com/new/9298 Page URL
  2. http://vrdusa.com/new/dfea6e07a/ Page URL
  3. http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0 Page URL

Page Statistics

7
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

1079 kB
Transfer

1088 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vrdusa.com/new HTTP 301
    http://vrdusa.com/new/ HTTP 302
    http://vrdusa.com/new/9298 Page URL
  2. http://vrdusa.com/new/dfea6e07a/ Page URL
  3. http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://vrdusa.com/new HTTP 301
  • http://vrdusa.com/new/ HTTP 302
  • http://vrdusa.com/new/9298

7 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
9298
vrdusa.com/new/
Redirect Chain
  • http://vrdusa.com/new
  • http://vrdusa.com/new/
  • http://vrdusa.com/new/9298
314 B
631 B
Document
General
Full URL
http://vrdusa.com/new/9298
Protocol
HTTP/1.1
Server
162.215.222.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tventuresllc.com
Software
Apache /
Resource Hash
2d58f4e0fcefb4e1d0604ea5090fb0f3d042d911b0108434b255f98b38420c90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Nov 2023 16:28:29 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Nov 2023 16:28:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache
location
9298
/
vrdusa.com/new/dfea6e07a/
157 B
473 B
Document
General
Full URL
http://vrdusa.com/new/dfea6e07a/
Requested by
Host: vrdusa.com
URL: http://vrdusa.com/new/9298
Protocol
HTTP/1.1
Server
162.215.222.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tventuresllc.com
Software
Apache /
Resource Hash

Request headers

Referer
http://vrdusa.com/new/9298
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Nov 2023 16:28:30 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=97
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Primary Request 24f0
vrdusa.com/new/dfea6e07a/
45 KB
46 KB
Document
General
Full URL
http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Requested by
Host: vrdusa.com
URL: http://vrdusa.com/new/dfea6e07a/
Protocol
HTTP/1.1
Server
162.215.222.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tventuresllc.com
Software
Apache /
Resource Hash
ad4d95ad0f9cacdbcce8c53ed3bf9cf3f693723b61348da3dc97f77dc61583ec

Request headers

Referer
http://vrdusa.com/new/dfea6e07a/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Mon, 13 Nov 2023 16:28:30 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=96
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
chunk-vendors.f18ab36e.css
vrdusa.com/new/dfea6e07a/f7eeee5596/
702 KB
703 KB
Stylesheet
General
Full URL
http://vrdusa.com/new/dfea6e07a/f7eeee5596/chunk-vendors.f18ab36e.css
Requested by
Host: vrdusa.com
URL: http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Protocol
HTTP/1.1
Server
162.215.222.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tventuresllc.com
Software
Apache /
Resource Hash
125219610b3e932c78425d3681d51b2b6590942aecaa502b1b6e5f519b5988f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 16:28:30 GMT
Last-Modified
Mon, 18 Apr 2022 03:52:04 GMT
Server
Apache
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
719214
app.2c118d38.css
vrdusa.com/new/dfea6e07a/f7eeee55963/
2 KB
3 KB
Stylesheet
General
Full URL
http://vrdusa.com/new/dfea6e07a/f7eeee55963/app.2c118d38.css
Requested by
Host: vrdusa.com
URL: http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Protocol
HTTP/1.1
Server
162.215.222.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tventuresllc.com
Software
Apache /
Resource Hash
2e6516550c9211c9bf66c2738ce5ce9710dbb1494381afb26c3123ae171d97d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 16:28:30 GMT
Last-Modified
Fri, 15 Apr 2022 10:05:34 GMT
Server
Apache
Upgrade
h2,h2c
Content-Type
text/css
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2555
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83b34f00b6612015c941c3865d2c047ae5ce567f13530491ac4ed773b13b1bd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vrdusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
logo-desktop-inverse.a3a99f3a.png
vrdusa.com/new/dfea6e07a/f7eeee55963a/
9 KB
9 KB
Image
General
Full URL
http://vrdusa.com/new/dfea6e07a/f7eeee55963a/logo-desktop-inverse.a3a99f3a.png
Requested by
Host: vrdusa.com
URL: http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Protocol
HTTP/1.1
Server
162.215.222.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tventuresllc.com
Software
Apache /
Resource Hash
c9a0078a7b8e70e1437317247095c89510a6c40bdb3bb37a26318133e2c1ab54

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 16:28:31 GMT
Last-Modified
Fri, 15 Apr 2022 10:05:34 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
8898
materialdesignicons-webfont.7a44ea19.woff2
vrdusa.com/new/dfea6e07a/f7eeee5596/
318 KB
318 KB
Font
General
Full URL
http://vrdusa.com/new/dfea6e07a/f7eeee5596/materialdesignicons-webfont.7a44ea19.woff2
Requested by
Host: vrdusa.com
URL: http://vrdusa.com/new/dfea6e07a/f7eeee5596/chunk-vendors.f18ab36e.css
Protocol
HTTP/1.1
Server
162.215.222.33 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
tventuresllc.com
Software
Apache /
Resource Hash
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490

Request headers

Referer
http://vrdusa.com/new/dfea6e07a/f7eeee5596/chunk-vendors.f18ab36e.css
Origin
http://vrdusa.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Mon, 13 Nov 2023 16:28:31 GMT
Last-Modified
Mon, 18 Apr 2022 03:44:06 GMT
Server
Apache
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
325244
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a6690102b24638424202c679e3c3fafe83bdaa641e40dca06968bcad77f70821

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vrdusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df808b2ea829eac97e99d46d91fa6a005269d58a9dfd57ff40f7084e6f027f7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vrdusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
986dae282bc4d35f7234bbf7c3eafd4b4bb990b89143be1f5c8a8aa4a04ee2b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://vrdusa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: America First Credit Union (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showhidepass function| ooth function| disperr

5 Cookies

Domain/Path Name / Value
vrdusa.com/new Name: 5b6ea
Value: 1600
vrdusa.com/new Name: 850a1
Value: 1200
vrdusa.com/ Name: PHPSESSID
Value: 0892eae70cb3b5d30d820712f3f34f65
vrdusa.com/ Name: 1eb6b1100a1df66a14619e27cbd6c5ea7679dfef
Value: cd7cb530c61b0ca8f158d84dbf9da8cbb67dcdbe
vrdusa.com/ Name: be243151da5d7bae3477fa5286edb50b53091ac4
Value: 1699892909