affut82.fr Open in urlscan Pro
185.63.174.227 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://affut82.fr/FirstTech/
Submission: On December 09 via manual (December 9th 2022, 2:52:26 pm UTC) from FR — Scanned from FR

Summary HTTP 68 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 8 IPs in 4 countries across 10 domains to perform 68 HTTP transactions. The main IP is 185.63.174.227, located in France and belongs to AS_DTHTDC, FR. The main domain is affut82.fr.
TLS certificate: Issued by R3 on December 9th 2022. Valid for: 3 months.

This is the only time affut82.fr was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: First Tech Federal Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 59	185.63.174.227 185.63.174.227	200435 (AS_DTHTDC) (AS_DTHTDC)
1	13.224.189.22 13.224.189.22	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	107.23.44.14 107.23.44.14	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
68	8

59 185.63.174.227 (France) 1 redirects

ASN200435 (AS_DTHTDC, FR)
PTR: web.kreaweb.pro

affut82.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-22.fra2.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.23.44.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-44-14.compute-1.amazonaws.com

detectca.easysol.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Lake Oswego, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	affut82.fr 1 redirects affut82.fr	1000 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 26	66 KB
2	easysol.net detectca.easysol.net — Cisco Umbrella Rank: 59680	2 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 212	615 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 322	9 KB
1	google.fr www.google.fr — Cisco Umbrella Rank: 15288	501 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	576 B
1	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 74	470 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	61 KB
1	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2874	446 B
68	10

	Domain	Requested by
59	affut82.fr	1 redirects affut82.fr
3	www.google-analytics.com	affut82.fr www.googletagmanager.com
2	detectca.easysol.net	affut82.fr
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	affut82.fr
1	www.google.fr	affut82.fr
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	affut82.fr
1	nexus.ensighten.com	affut82.fr
68	10

This site contains links to these domains. Also see Links.

Domain
www.firsttechfed.com
www2.firsttechfed.com
banking.firsttechfed.com
www.raymondjames.com
brokercheck.finra.org
www.finra.org
www.sipc.org

Subject Issuer	Validity	Valid
affut82.fr R3	`2022-12-09` - `2023-03-09`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.easysol.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-17` - `2023-09-10`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://affut82.fr/FirstTech/
Frame ID: 75BF9644DDE0EA7FAC4A9F01B571E912
Requests: 68 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

First Tech Federal Credit Union

Page URL History Show full URLs

https://affut82.fr/FirstTech HTTP 301
https://affut82.fr/FirstTech/ Page URL