vrdusa.com
162.215.222.33
Malicious Activity!
Public Scan
Effective URL: http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Submission: On November 13 via manual from US — Scanned from DE
Summary
This is the only time vrdusa.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: America First Credit Union (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
2 9 | 162.215.222.33 | 46606 (UNIFIEDLAYER-AS-1) |
7 | 2 | |

 | Apex Domain / Subdomains | Transfer |
---|---|---|
9 | vrdusa.com, 2 redirects; vrdusa.com | 1 MB |
7 | 1 | |

 | Domain | Requested by |
---|---|---|
9 | vrdusa.com | 2 redirects; vrdusa.com |
7 | 1 | |
This site contains no links.
Subject / Issuer | Validity | Valid |
---|---|---|
This page contains 1 frame:
Primary Page:
http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0
Frame ID: BE71BC00EA3EF9FC8ABF95DBB1B000B1
Requests: 11 HTTP requests in this frame
Page Title
America First Credit Union
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://vrdusa.com/new HTTP 301
  http://vrdusa.com/new/ HTTP 302
  http://vrdusa.com/new/9298 Page URL
- http://vrdusa.com/new/dfea6e07a/ Page URL
- http://vrdusa.com/new/dfea6e07a/24f0?5fadb196=d76f2117c021fe3ac47eb2eaae76d0d0 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://vrdusa.com/new HTTP 301
- http://vrdusa.com/new/ HTTP 302
- http://vrdusa.com/new/9298
7 HTTP transactions
Method / Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | 9298 (Redirect Chain) | vrdusa.com/new/ | 314 B | 631 B | Document | text/html |
GET H/1.1 | / | vrdusa.com/new/dfea6e07a/ | 157 B | 473 B | Document | text/html |
GET H/1.1 | 24f0 (Primary Request) | vrdusa.com/new/dfea6e07a/ | 45 KB | 46 KB | Document | text/html |
GET H/1.1 | chunk-vendors.f18ab36e.css | vrdusa.com/new/dfea6e07a/f7eeee5596/ | 702 KB | 703 KB | Stylesheet | text/css |
GET H/1.1 | app.2c118d38.css | vrdusa.com/new/dfea6e07a/f7eeee55963/ | 2 KB | 3 KB | Stylesheet | text/css |
GET DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET H/1.1 | logo-desktop-inverse.a3a99f3a.png | vrdusa.com/new/dfea6e07a/f7eeee55963a/ | 9 KB | 9 KB | Image | image/png |
GET H/1.1 | materialdesignicons-webfont.7a44ea19.woff2 | vrdusa.com/new/dfea6e07a/f7eeee5596/ | 318 KB | 318 KB | Font | font/woff2 |
GET DATA | truncated | / | 2 KB | 0 | Image | image/png |
GET DATA | truncated | / | 3 KB | 0 | Image | image/png |
GET DATA | truncated | / | 3 KB | 0 | Image | image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: America First Credit Union (Banking)
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- function | showhidepass
- function | ooth
- function | disperr

5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
vrdusa.com/new | | Name: 5b6ea Value: 1600 |
vrdusa.com/new | | Name: 850a1 Value: 1200 |
vrdusa.com/ | | Name: PHPSESSID Value: 0892eae70cb3b5d30d820712f3f34f65 |
vrdusa.com/ | | Name: 1eb6b1100a1df66a14619e27cbd6c5ea7679dfef Value: cd7cb530c61b0ca8f158d84dbf9da8cbb67dcdbe |
vrdusa.com/ | | Name: be243151da5d7bae3477fa5286edb50b53091ac4 Value: 1699892909 |

Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
vrdusa.com
162.215.222.33