URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
Submission: On January 03 via api from CA

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 31.193.5.6, located in the United Kingdom and belonging to SECARMA, GB. The main domain is flowmaxgroup.com.
This is the only time flowmaxgroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alaska USA Federal Credit Union (Banking)

Domain & IP information

Requests  IP Address       AS     Autonomous System
1         31.193.5.6       61323  (SECARMA)
11        107.162.151.111  55002  (DEFENSE-NET)
1         208.69.198.166   40226  (AKUSA)
Total: 13 requests, 3 IPs

Requests  Apex Domain       Subdomains           Transfer
12        alaskausa.org     login.alaskausa.org  49 KB
                            www.alaskausa.org
1         flowmaxgroup.com  flowmaxgroup.com     4 KB
Total: 13 requests, 2 apex domains

Requests  Domain               Requested by
11        login.alaskausa.org  flowmaxgroup.com
1         www.alaskausa.org    flowmaxgroup.com
1         flowmaxgroup.com     (primary request)
Total: 13 requests, 3 domains

This site contains links to these domains. Also see Links.

Domain
www.alaskausa.org

Subject              Issuer                          Validity                 Valid
login.alaskausa.org  DigiCert SHA2 Secure Server CA  2018-09-25 - 2020-02-04  a year   crt.sh
www.alaskausa.org    DigiCert SHA2 Secure Server CA  2018-12-11 - 2021-01-28  2 years  crt.sh

This page contains 1 frame:

Primary Page: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
Frame ID: EBAAF16D5BD0CF90FE2E8C9DC149CFB8
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

Requests:    13
HTTPS:       92 %
IPv6:        0 %
Domains:     2
Subdomains:  3
IPs:         3
Countries:   2
Transfer:    53 kB
Size:        86 kB
Cookies:     0

13 HTTP transactions

Each entry below is headed by one row of the transactions table: Resource | Path | Size | x-fer | Type

Primary Request: index.htm | flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/ | 10 KB | 4 KB | Document

General
  Full URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Server: 31.193.5.6, United Kingdom, ASN61323 (SECARMA, GB)
  Reverse DNS: odin.lbdev.co.uk
  Software: Apache /
  Resource Hash: f657d267e6ae9ad4ea7098837dbb17e74eda13d95eaddff6afa5b51b6ceede4c
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Host: flowmaxgroup.com
  Connection: keep-alive
  Pragma: no-cache
  Cache-Control: no-cache
  Upgrade-Insecure-Requests: 1
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
  Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
  Accept-Encoding: gzip, deflate

Response headers
  Date: Fri, 03 Jan 2020 15:43:40 GMT
  Server: Apache
  Last-Modified: Sat, 28 Dec 2019 01:00:24 GMT
  Accept-Ranges: bytes
  Vary: Accept-Encoding
  Content-Encoding: gzip
  Cache-Control: max-age=2592000
  Expires: Sun, 02 Feb 2020 15:43:40 GMT
  Strict-Transport-Security: max-age=31536000
  Content-Length: 3700
  Keep-Alive: timeout=5, max=100
  Connection: Keep-Alive
  Content-Type: text/html

ub-main.css | login.alaskausa.org/efs/efs/jsp/inc/css/ | 21 KB | 6 KB | Stylesheet

General
  Full URL: https://login.alaskausa.org/efs/efs/jsp/inc/css/ub-main.css?05082018
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: 0949ef9fa6244f4b2f107f79c6ef0a23e45741046a316306ea0f6b3f8cca0f57
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:41 GMT
  Content-Encoding: gzip
  Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
  X-Permitted-Cross-Domain-Policies: none
  Vary: Accept-Encoding
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Via: 1.1 dca1-bit15
  Transfer-Encoding: chunked
  Connection: Keep-Alive
  Content-Type: text/css
  Keep-Alive: timeout=10, max=100

ub-login-new.css | login.alaskausa.org/efs/efs/jsp/inc/css/ | 3 KB | 2 KB | Stylesheet

General
  Full URL: https://login.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: 32144e8c46a477afce0c571d57b94fc6c6e8926b446df525692ae6b4932b4c02
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:41 GMT
  Content-Encoding: gzip
  Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
  X-Permitted-Cross-Domain-Policies: none
  Vary: Accept-Encoding
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Via: 1.1 dca1-bit15
  Transfer-Encoding: chunked
  Connection: Keep-Alive
  Content-Type: text/css
  Keep-Alive: timeout=10, max=100

common_functions.js | login.alaskausa.org/efs/efs/jslibrary/ | 8 KB | 2 KB | Script

General
  Full URL: https://login.alaskausa.org/efs/efs/jslibrary/common_functions.js?akusa_rev=3116
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: 29fbae99db27d372bc1c80e818b1d715dd45db38b3e443ecf76612fa6d6fb6ca
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:41 GMT
  Content-Encoding: gzip
  Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
  X-Permitted-Cross-Domain-Policies: none
  Vary: Accept-Encoding
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Via: 1.1 dca1-bit15
  Transfer-Encoding: chunked
  Connection: Keep-Alive
  Content-Type: application/x-javascript
  Keep-Alive: timeout=10, max=100

open_window.js | login.alaskausa.org/efs/efs/jslibrary/ | 5 KB | 2 KB | Script

General
  Full URL: https://login.alaskausa.org/efs/efs/jslibrary/open_window.js?akusa_rev=3116
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: da209614d1df8cf3089c96fcbc74df2a989d53d7e26df1c53f1c35a858bedd73
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:41 GMT
  Content-Encoding: gzip
  Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
  X-Permitted-Cross-Domain-Policies: none
  Vary: Accept-Encoding
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Via: 1.1 dca1-bit15
  Transfer-Encoding: chunked
  Connection: Keep-Alive
  Content-Type: application/x-javascript
  Keep-Alive: timeout=10, max=100

akusafcu_logo.png | login.alaskausa.org/efs/efs/grafx/akusa/ | 16 KB | 16 KB | Image

General
  Full URL: https://login.alaskausa.org/efs/efs/grafx/akusa/akusafcu_logo.png
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: a3941d5f3a221368776c19f01fef5fdcff8825460e416580fc809dbdd83972cc
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:41 GMT
  Via: 1.1 dca1-bit15
  Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
  X-Permitted-Cross-Domain-Policies: none
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Connection: Keep-Alive
  Content-Type: text/plain
  Keep-Alive: timeout=10, max=100
  Content-Length: 16314

logo-ehl-tri.gif | login.alaskausa.org/efs/efs/grafx/akusa/ | 2 KB | 3 KB | Image

General
  Full URL: https://login.alaskausa.org/efs/efs/grafx/akusa/logo-ehl-tri.gif?
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: e9d50b964802b2bb60004481eb67394bd994ba4c6f8a67e3ded7574ef58fcfc2
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:41 GMT
  Via: 1.1 dca1-bit15
  Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
  X-Permitted-Cross-Domain-Policies: none
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Connection: Keep-Alive
  Content-Type: image/gif
  Keep-Alive: timeout=10, max=100
  Content-Length: 2358

logo-ncua.gif | login.alaskausa.org/efs/efs/grafx/akusa/ | 4 KB | 5 KB | Image

General
  Full URL: https://login.alaskausa.org/efs/efs/grafx/akusa/logo-ncua.gif?
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: dcfdce79105743aeda2d194642ba6c291664dd193002cf0e761762896af7ac08
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:42 GMT
  Via: 1.1 dca1-bit15
  Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
  X-Permitted-Cross-Domain-Policies: none
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Connection: Keep-Alive
  Content-Type: image/gif
  Keep-Alive: timeout=10, max=99
  Content-Length: 4343

ub-print.css | login.alaskausa.org/efs/efs/jsp/inc/css/ | 3 KB | 2 KB | Stylesheet

General
  Full URL: https://login.alaskausa.org/efs/efs/jsp/inc/css/ub-print.css
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: ae0a9f620731be24cc8c6fc0f2cc46e789f276f497e96ad92734bd7facd2f9e8
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:42 GMT
  Content-Encoding: gzip
  Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
  X-Permitted-Cross-Domain-Policies: none
  Vary: Accept-Encoding
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Via: 1.1 dca1-bit15
  Transfer-Encoding: chunked
  Connection: Keep-Alive
  Content-Type: text/css
  Keep-Alive: timeout=10, max=99

ub-popup.css | login.alaskausa.org/efs/efs/jsp/inc/css/ | 4 KB | 1 KB | Stylesheet

General
  Full URL: https://login.alaskausa.org/efs/efs/jsp/inc/css/ub-popup.css
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: d2309e7671c293a03f7a8999460b2ad780f4325de30ee729870db4b755a5e25c
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:42 GMT
  Content-Encoding: gzip
  Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
  X-Permitted-Cross-Domain-Policies: none
  Vary: Accept-Encoding
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Via: 1.1 dca1-bit15
  Transfer-Encoding: chunked
  Connection: Keep-Alive
  Content-Type: text/css
  Keep-Alive: timeout=10, max=99

header_bg.png | login.alaskausa.org/efs/efs/grafx/akusa/ | 8 KB | 8 KB | Image

General
  Full URL: https://login.alaskausa.org/efs/efs/grafx/akusa/header_bg.png?
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: 5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: https://login.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:43 GMT
  Via: 1.1 dca1-bit15
  Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
  X-Permitted-Cross-Domain-Policies: none
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Connection: Keep-Alive
  Content-Type: text/plain
  Keep-Alive: timeout=10, max=98
  Content-Length: 8058

pgMainEdge.png | www.alaskausa.org/css/nav/ | 960 B | 1 KB | Image

General
  Full URL: https://www.alaskausa.org/css/nav/pgMainEdge.png
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server: 208.69.198.166, United States, ASN40226 (AKUSA - Alaska USA Federal Credit Union, US)
  Reverse DNS:
  Software: Microsoft-IIS/10.0 /
  Resource Hash: 1fb28d9c14ec42912599df0f34b14c6e6f996084ca13e06bb11dcb4c9459ed34
Security Headers
  X-Content-Type-Options: nosniff
  X-Frame-Options: DENY
  X-Xss-Protection: 1; mode=block

Request headers
  Referer: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:42 GMT
  X-Content-Type-Options: nosniff
  Last-Modified: Thu, 02 Jan 2020 23:51:46 GMT
  Server: Microsoft-IIS/10.0
  ETag: "a3fc8d97c7c1d51:0"
  X-Frame-Options: DENY
  Content-Type: image/png
  Accept-Ranges: bytes
  Content-Length: 960
  X-XSS-Protection: 1; mode=block

bullet-right.png | login.alaskausa.org/efs/images/ | 154 B | 491 B | Image

General
  Full URL: https://login.alaskausa.org/efs/images/bullet-right.png
  Requested by: Host: flowmaxgroup.com
                URL: http://flowmaxgroup.com/wp-includes/js/alaskafcu/iiiiiak/index.htm
  Protocol: HTTP/1.1
  Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
  Server: 107.162.151.111, United States, ASN55002 (DEFENSE-NET - Defense.Net, Inc, US)
  Reverse DNS:
  Software: /
  Resource Hash: 70a46f91c5948576ac320802ed148ed967757b8391f9b3e958c2dcbe1f333d14
Security Headers
  Strict-Transport-Security: max-age=31536000

Request headers
  Referer: https://login.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?
  User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers
  Date: Fri, 03 Jan 2020 15:43:43 GMT
  Via: 1.1 dca1-bit15
  Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
  X-Permitted-Cross-Domain-Policies: none
  Strict-Transport-Security: max-age=31536000
  Content-Language: en-US
  Connection: Keep-Alive
  Content-Type: text/plain
  Keep-Alive: timeout=10, max=98
  Content-Length: 154

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    onformdata
object    onpointerrawupdate
function  isBlank
function  isValidMask
function  trimSpaces
function  isNum
function  hasInvalidChar
function  isInvalidChar
function  hasInvalidCharBeneficiary
function  isInvalidCharBeneficiary
function  isChar
function  isNumOrChar
function  stripChars
function  isLength
function  parseString
function  isAllNums
function  stripSpaces
function  containsInvalidChar
function  isItInvalidChar
function  showNote
function  toggleTree
function  toggleNote
function  PopupWindow
function  PopupHelp

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header                     Value
Strict-Transport-Security  max-age=31536000