www.ariamedicalgroup.com Open in urlscan Pro
162.215.248.46 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.ariamedicalgroup.com/verify_iccu.login
Effective URL:
https://www.ariamedicalgroup.com/verify_iccu.login/
Submission: On August 27 via automatic, source openphish (August 27th 2022, 1:09:38 pm UTC) — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 24 HTTP transactions. The main IP is 162.215.248.46, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is www.ariamedicalgroup.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 28th 2022. Valid for: a year.

This is the only time www.ariamedicalgroup.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Idaho Central Credit Union (Government)

Domain & IP information

	IP Address		AS Autonomous System
2 26	162.215.248.46 162.215.248.46		46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
24	1

26 162.215.248.46 (United States) 2 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-215-248-46.unifiedlayer.com

www.ariamedicalgroup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	ariamedicalgroup.com 2 redirects www.ariamedicalgroup.com	1 MB
24	1

	Domain	Requested by
26	www.ariamedicalgroup.com	2 redirects www.ariamedicalgroup.com
24	1

This site contains no links.

Subject Issuer	Validity	Valid
ariamedicalgroup.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-06-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ariamedicalgroup.com/verify_iccu.login/
Frame ID: 4D8D517D9883B978C3B43F8B7D6A4D0C
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

| Idaho Central Credit Union

Page URL History Show full URLs

http://www.ariamedicalgroup.com/verify_iccu.login HTTP 301
https://www.ariamedicalgroup.com/verify_iccu.login HTTP 301
https://www.ariamedicalgroup.com/verify_iccu.login/ Page URL

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Page Statistics

24
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1414 kB
Transfer

2179 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.ariamedicalgroup.com/verify_iccu.login HTTP 301
https://www.ariamedicalgroup.com/verify_iccu.login HTTP 301
https://www.ariamedicalgroup.com/verify_iccu.login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.ariamedicalgroup.com/verify_iccu.login/ Redirect Chain http://www.ariamedicalgroup.com/verify_iccu.login https://www.ariamedicalgroup.com/verify_iccu.login https://www.ariamedicalgroup.com/verify_iccu.login/	32 KB 8 KB	795ms 794ms	Document text/html	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `bec542aed1a6d6c059c69fcb9eb065c44db76869bc7c8099d450f9b169dd31fc` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=7200 content-encoding gzip content-length 7924 content-type text/html; charset=UTF-8 date Sat, 27 Aug 2022 13:09:22 GMT expires Sat, 27 Aug 2022 15:09:22 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 x-nginx-cache WordPress Redirect headers cache-control max-age=7200 content-length 334 content-type text/html; charset=iso-8859-1 date Sat, 27 Aug 2022 13:09:22 GMT expires Sat, 27 Aug 2022 15:09:22 GMT location https://www.ariamedicalgroup.com/verify_iccu.login/ server Apache
GET H2	200	css.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	356 B 313 B	179ms 159ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/css.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `cf8ba2900c4ab6efed4af0df1df2791c809ce259994dcf8d101c5de0e7b56ad7` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:51:36 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 254 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	font-icons.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	116 KB 8 KB	180ms 161ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/font-icons.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `296889c6ab0c57e94d7cefb392c646cae342fa9a571bfc18ad910f348ac4f11f` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 16:43:22 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 8195 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	yui-reset.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	793 B 565 B	168ms 150ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/yui-reset.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `590fcd2ea2a3de691c86ecf564fff1fcb0982271cf723ae4d6e2453c9e6f5434` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:54:56 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 437 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	jquery-ui.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	31 KB 9 KB	345ms 326ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/jquery-ui.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `5bed9d2f4811025c2bde2c4747db5f3cacc9e4547ea594a0468b1e4f00965df9` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:53:46 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 8953 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	jquery.daterangepicker.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	3 KB 933 B	177ms 158ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/jquery.daterangepicker.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `ab9c55dea4e2d8b7e988cb51b7f82d7dda04336a90e7b9400ac417198590077b` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:53:54 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 874 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	ext-all.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	123 KB 25 KB	345ms 327ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/ext-all.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `8e9901c7a56cf78e86b90384c8a18329a0bc96c06f0ba87b239a0f4413b199eb` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:51:46 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	base.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	197 KB 48 KB	201ms 184ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/base.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `6f749c31b9bd707340af24736c98a45ac6c5f4ceee3692c69ecf6f3523cb08a0` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:51:26 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	grid.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	6 KB 2 KB	179ms 162ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/grid.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `f9cdc3eed2e549dc825b5354ebcad5f4e6ee57547604c0b54346390051be741c` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:52:14 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 1815 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	sidebar.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	3 KB 987 B	178ms 161ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/sidebar.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `4ce72ae45e1aafaa5cd4cc684c0000459c6d154c31450aad92bbd51a34107c93` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:54:36 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 928 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	iris.shim.desktop.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	673 B 430 B	176ms 160ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/iris.shim.desktop.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `59f12ecd0c381fee3367ffac176a581a966727684a5ce94390b4390b2fc06ca4` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:53:28 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 371 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	iris.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	95 KB 22 KB	604ms 589ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/iris.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `e4b9f0c0a5e74bbbde3c314a73fd18b1f5038cbda33e1e58e597dbee8f63d9e0` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:53:20 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	iris-foundation.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	50 KB 8 KB	465ms 450ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/iris-foundation.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:52:42 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 8516 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	iris-components.shim.desktop.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	1 KB 647 B	602ms 588ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/iris-components.shim.desktop.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `32247600e713032fdfca1b5966668f1cab9875325bcf572e12a2215178dc0eb3` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:52:34 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 588 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	iris-components.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	188 KB 36 KB	597ms 583ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/iris-components.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `be62d354c566524d04269ae0aecdb24ddf557f986e3b98f797940a7d507bf2c5` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:52:24 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	isotope.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	14 KB 4 KB	480ms 466ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/isotope.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `0036d6e448700d7d059afe538f88bff22e136c5b708413cb9494105dda8609d1` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:53:36 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 3676 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	theme.desktop.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	45 KB 9 KB	481ms 467ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/theme.desktop.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `d2398a350b60afc0fff0a89e1a5b2739c5746008ec238cecdb0417ffa5689831` Request headers Referer https://www.ariamedicalgroup.com/verify_iccu.login/ Origin https://www.ariamedicalgroup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 16:42:08 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 9477 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	fi.desktop.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	57 KB 15 KB	466ms 454ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/fi.desktop.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `f306038b5cc0d11fa1dd53ee3328d533884762e868d4a56335633a0f80f0a3a4` Request headers Referer https://www.ariamedicalgroup.com/verify_iccu.login/ Origin https://www.ariamedicalgroup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:51:54 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 14839 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	Logo.png www.ariamedicalgroup.com/verify_iccu.login/assets/img/	6 KB 6 KB	417ms 395ms	Image image/png	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/img/Logo.png Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `dc60a0c398660ef4d7941be280289932cbfe8d90d9437de4ad19761d7ae99c2e` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:50:44 GMT server Apache x-endurance-cache-level 2 content-type image/png cache-control max-age=86400 accept-ranges bytes content-length 6276 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	app-store-badge.svg www.ariamedicalgroup.com/verify_iccu.login/assets/img/	11 KB 11 KB	550ms 529ms	Image image/svg+xml	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/img/app-store-badge.svg Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:50:08 GMT server Apache x-endurance-cache-level 2 content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 10850 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	google-play-badge.svg www.ariamedicalgroup.com/verify_iccu.login/assets/img/	9 KB 9 KB	549ms 528ms	Image image/svg+xml	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/img/google-play-badge.svg Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:50:16 GMT server Apache x-endurance-cache-level 2 content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 9332 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	print.min.css www.ariamedicalgroup.com/verify_iccu.login/assets/css/	8 KB 2 KB	424ms 403ms	Stylesheet text/css	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/print.min.css Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `a277dd9a22a97f512f9024dbe82acb5468a168ec43bad3146b2cda9d93afd2fe` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT content-encoding gzip x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:54:26 GMT server Apache vary Accept-Encoding x-endurance-cache-level 2 content-type text/css cache-control max-age=86400 accept-ranges bytes content-length 2129 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	iccu_bg.jpg www.ariamedicalgroup.com/verify_iccu.login/assets/img/	1 MB 1 MB	154ms 154ms	Image image/jpeg	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Show image Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/img/iccu_bg.jpg Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/theme.desktop.min.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `2db07ba828841574740817f36ae2c212633cb809b0bcf6a8baabec33efccf048` Request headers accept-language de-DE,de;q=0.9 Referer https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/theme.desktop.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:23 GMT x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:50:34 GMT server Apache x-endurance-cache-level 2 content-type image/jpeg cache-control max-age=86400 accept-ranges bytes content-length 1169065 expires Sun, 28 Aug 2022 13:09:23 GMT
GET H2	200	Alkami.woff2 www.ariamedicalgroup.com/verify_iccu.login/assets/fonts/	41 KB 41 KB	577ms 576ms	Font font/woff2	162.215.248.46 UNIFIEDLAYER-AS-1
General Check archive.org Show headers Download Go to Full URL https://www.ariamedicalgroup.com/verify_iccu.login/assets/fonts/Alkami.woff2 Requested by Host: www.ariamedicalgroup.com URL: https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/font-icons.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.215.248.46 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US), Reverse DNS 162-215-248-46.unifiedlayer.com Software Apache / Resource Hash `b7b1c6cd2548b080ab56c2ea21154100f663a1321b34750b6fd06a895f87cc7a` Request headers Referer https://www.ariamedicalgroup.com/verify_iccu.login/assets/css/font-icons.css Origin https://www.ariamedicalgroup.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sat, 27 Aug 2022 13:09:24 GMT x-nginx-cache WordPress last-modified Thu, 21 Jul 2022 14:49:50 GMT server Apache x-endurance-cache-level 2 content-type font/woff2 cache-control max-age=86400 accept-ranges bytes content-length 41996 expires Sun, 28 Aug 2022 13:09:24 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Idaho Central Credit Union (Government)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

www.ariamedicalgroup.com
162.215.248.46
0036d6e448700d7d059afe538f88bff22e136c5b708413cb9494105dda8609d1
037e5f8a4d2ef765d97f6c14e087cab4f8f27a1ac2a6a7584793b1a76a08fb8f
296889c6ab0c57e94d7cefb392c646cae342fa9a571bfc18ad910f348ac4f11f
2db07ba828841574740817f36ae2c212633cb809b0bcf6a8baabec33efccf048
2dcf765854f1fe869b1674016feb1638870c1066f156f8d7dfd47b53d0dc093f
32247600e713032fdfca1b5966668f1cab9875325bcf572e12a2215178dc0eb3
4ce72ae45e1aafaa5cd4cc684c0000459c6d154c31450aad92bbd51a34107c93
590fcd2ea2a3de691c86ecf564fff1fcb0982271cf723ae4d6e2453c9e6f5434
59f12ecd0c381fee3367ffac176a581a966727684a5ce94390b4390b2fc06ca4
5bed9d2f4811025c2bde2c4747db5f3cacc9e4547ea594a0468b1e4f00965df9
6f749c31b9bd707340af24736c98a45ac6c5f4ceee3692c69ecf6f3523cb08a0
86c9954e1457d27db013c1f10a96ffaba845e5af7765c4ef9df4ac1549e47d67
8e9901c7a56cf78e86b90384c8a18329a0bc96c06f0ba87b239a0f4413b199eb
a277dd9a22a97f512f9024dbe82acb5468a168ec43bad3146b2cda9d93afd2fe
ab9c55dea4e2d8b7e988cb51b7f82d7dda04336a90e7b9400ac417198590077b
b7b1c6cd2548b080ab56c2ea21154100f663a1321b34750b6fd06a895f87cc7a
be62d354c566524d04269ae0aecdb24ddf557f986e3b98f797940a7d507bf2c5
bec542aed1a6d6c059c69fcb9eb065c44db76869bc7c8099d450f9b169dd31fc
cf8ba2900c4ab6efed4af0df1df2791c809ce259994dcf8d101c5de0e7b56ad7
d2398a350b60afc0fff0a89e1a5b2739c5746008ec238cecdb0417ffa5689831
dc60a0c398660ef4d7941be280289932cbfe8d90d9437de4ad19761d7ae99c2e
e4b9f0c0a5e74bbbde3c314a73fd18b1f5038cbda33e1e58e597dbee8f63d9e0
f306038b5cc0d11fa1dd53ee3328d533884762e868d4a56335633a0f80f0a3a4
f9cdc3eed2e549dc825b5354ebcad5f4e6ee57547604c0b54346390051be741c

www.ariamedicalgroup.com Open in urlscan Pro 162.215.248.46 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

1414 kBTransfer

2179 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

www.ariamedicalgroup.com Open in urlscan Pro
162.215.248.46 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1414 kB
Transfer

2179 kB
Size

0
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!