makseron.com Open in urlscan Pro
94.73.151.139 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://makseron.com/alaska/alaska/alaska/1.php
Effective URL:
http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
Submission: On April 19 via automatic, source openphish (April 19th 2020, 12:31:56 pm UTC)

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 94.73.151.139, located in Turkey and belongs to CIZGI, TR. The main domain is makseron.com.

This is the only time makseron.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Alaska USA Federal Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
1 2	94.73.151.139 94.73.151.139	34619 (CIZGI) (CIZGI)
11	107.162.151.110 107.162.151.110	55002 (DEFENSE-NET) (DEFENSE-NET)
13	3

2 94.73.151.139 (Turkey) 1 redirects

ASN34619 (CIZGI, TR)
PTR: 94-73-151-139.cizgi.net.tr

makseron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 107.162.151.110 (United States)

ASN55002 (DEFENSE-NET, US)

ultrabranch3.alaskausa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	alaskausa.org ultrabranch3.alaskausa.org www.alaskausa.org Failed	83 KB
2	makseron.com 1 redirects makseron.com	4 KB
13	2

	Domain	Requested by
11	ultrabranch3.alaskausa.org	makseron.com
2	makseron.com	1 redirects
0	www.alaskausa.org Failed	makseron.com
13	3

This site contains links to these domains. Also see Links.

Domain
www.alaskausa.org

Subject Issuer	Validity	Valid
ultrabranch3.alaskausa.org DigiCert SHA2 Secure Server CA	`2020-01-09` - `2022-01-13`	2 years	crt.sh

This page contains 1 frames:

Primary Page: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
Frame ID: 519FAA3C398A57D6325E487429B0AA96
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://makseron.com/alaska/alaska/alaska/1.php HTTP 302
http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session= Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

13
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

86 kB
Transfer

115 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.alaskausa.org/service/contact.asp
Title: If you are using a screen reader and having difficulties with the site, call the Member Service Center 24/7 at 800-525-9094.

Search URL Search Domain Scan URL

URL: https://www.alaskausa.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://makseron.com/alaska/alaska/alaska/1.php HTTP 302
http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request password.php Show response
makseron.com/alaska/alaska/alaska/
Redirect Chain

http://makseron.com/alaska/alaska/alaska/1.php
http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

8 KB
3 KB

70ms
70ms

Document
text/html

94.73.151.139
CIZGI

General

Check archive.org

Show headers Download Go to

Full URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
Protocol: HTTP/1.1
Server: 94.73.151.139 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: 94-73-151-139.cizgi.net.tr
Software: LiteSpeed / PHP/5.6.40
Resource Hash: 1ad7090a4e90d2a9e108e9c3e558e22274520bbfd744e90e34f31daf3b8cb8d3

Request headers

Host: makseron.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: PHPSESSID=10mvt326lh3dcptjpdn7hv4jf3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Connection: Keep-Alive
X-Powered-By: PHP/5.6.40
Content-Type: text/html; charset=UTF-8
Content-Length: 3233
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Sun, 19 Apr 2020 12:31:18 GMT
Server: LiteSpeed

Redirect headers

Connection: Keep-Alive
X-Powered-By: PHP/5.6.40
Set-Cookie: PHPSESSID=10mvt326lh3dcptjpdn7hv4jf3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Location: password.php?cmd=login_submit&id=&session=
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Date: Sun, 19 Apr 2020 12:31:18 GMT
Server: LiteSpeed

GET
H/1.1 200
OK ub-main.css
ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ 21 KB
6 KB 1217ms
513ms Stylesheet
text/css 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-main.css?101717

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

0949ef9fa6244f4b2f107f79c6ef0a23e45741046a316306ea0f6b3f8cca0f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
X-Permitted-Cross-Domain-Policies: none
Vary: Accept-Encoding
Content-Language: en-US
Via: 1.1 dca1-bit17
Connection: Keep-Alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Keep-Alive: timeout=10, max=100

GET
H/1.1 200
OK ub-login-new.css
ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ 3 KB
2 KB 1180ms
476ms Stylesheet
text/css 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?101717

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

32144e8c46a477afce0c571d57b94fc6c6e8926b446df525692ae6b4932b4c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
X-Permitted-Cross-Domain-Policies: none
Vary: Accept-Encoding
Content-Language: en-US
Via: 1.1 dca1-bit17
Connection: Keep-Alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Keep-Alive: timeout=10, max=100

GET
H/1.1 200
OK common_functions.js Show response
ultrabranch3.alaskausa.org/efs/efs/jslibrary/ 8 KB
2 KB 1208ms
484ms Script
application/x-javascript 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/jslibrary/common_functions.js

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

990e387806872b7606ecf7211145356f5b6321fe6ff53e4ad3301b0373b1ceaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 19 Apr 2020 12:31:19 GMT
Vary: Accept-Encoding
Content-Language: en-US
Via: 1.1 dca1-bit17
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=10, max=100
Content-Length: 1736

GET
H/1.1 200
OK akusafcu_logo.png
ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/ 16 KB
16 KB 460ms
460ms Image
image/png 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/akusafcu_logo.png

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

a3941d5f3a221368776c19f01fef5fdcff8825460e416580fc809dbdd83972cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:20 GMT
Via: 1.1 dca1-bit17
Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=10, max=99
Content-Length: 16314

GET
H/1.1 200
OK hobby-yellowlab.jpg
ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/security/ 37 KB
37 KB 264ms
264ms Image
image/jpeg 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/security/hobby-yellowlab.jpg

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

4386bd0d1a737bb5588715662125de5c947121db0cbc2f4838e36cddcad7e7a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:20 GMT
Via: 1.1 dca1-bit17
Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: image/jpeg
Keep-Alive: timeout=10, max=99
Content-Length: 37805

GET
H/1.1 200
OK logo-ehl-tri.gif
ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/ 2 KB
3 KB 321ms
320ms Image
image/gif 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/logo-ehl-tri.gif?

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

e9d50b964802b2bb60004481eb67394bd994ba4c6f8a67e3ded7574ef58fcfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:20 GMT
Via: 1.1 dca1-bit17
Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=10, max=98
Content-Length: 2358

GET
H/1.1 200
OK logo-ncua.gif
ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/ 4 KB
5 KB 501ms
326ms Image
image/gif 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/logo-ncua.gif?

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

dcfdce79105743aeda2d194642ba6c291664dd193002cf0e761762896af7ac08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:20 GMT
Via: 1.1 dca1-bit17
Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=10, max=98
Content-Length: 4343

GET
H/1.1 200
OK ub-print.css
ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ 3 KB
2 KB 806ms
490ms Stylesheet
text/css 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-print.css

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

ae0a9f620731be24cc8c6fc0f2cc46e789f276f497e96ad92734bd7facd2f9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 19 Apr 2020 12:31:20 GMT
Vary: Accept-Encoding
Content-Language: en-US
Via: 1.1 dca1-bit17
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=10, max=100
Content-Length: 1494

GET
H/1.1 200
OK ub-popup.css
ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ 4 KB
1 KB 278ms
277ms Stylesheet
text/css 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-popup.css

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

d2309e7671c293a03f7a8999460b2ad780f4325de30ee729870db4b755a5e25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
X-Permitted-Cross-Domain-Policies: none
Date: Sun, 19 Apr 2020 12:31:20 GMT
Vary: Accept-Encoding
Content-Language: en-US
Via: 1.1 dca1-bit17
Connection: Keep-Alive
Content-Type: text/css
Keep-Alive: timeout=10, max=99
Content-Length: 1106

GET
H/1.1 200
OK header_bg.png
ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/ 8 KB
8 KB 902ms
601ms Image
image/png 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultrabranch3.alaskausa.org/efs/efs/grafx/akusa/header_bg.png?

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?101717
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:20 GMT
Via: 1.1 dca1-bit17
Last-Modified: Wed, 20 Nov 2019 23:16:14 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=10, max=100
Content-Length: 8058

GET pgMainEdge.png
www.alaskausa.org/css/nav/ 0
0

GET
H/1.1 200
OK bullet-right.png
ultrabranch3.alaskausa.org/efs/images/ 154 B
491 B 350ms
187ms Image
image/png 107.162.151.110
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultrabranch3.alaskausa.org/efs/images/bullet-right.png

Requested by

Host: makseron.com
URL: http://makseron.com/alaska/alaska/alaska/password.php?cmd=login_submit&id=&session=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.151.110 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

70a46f91c5948576ac320802ed148ed967757b8391f9b3e958c2dcbe1f333d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ultrabranch3.alaskausa.org/efs/efs/jsp/inc/css/ub-login-new.css?101717
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 19 Apr 2020 12:31:20 GMT
Via: 1.1 dca1-bit17
Last-Modified: Wed, 20 Nov 2019 23:16:16 GMT
X-Permitted-Cross-Domain-Policies: none
Strict-Transport-Security: max-age=31536000
Content-Language: en-US
Connection: Keep-Alive
Content-Type: text/plain
Keep-Alive: timeout=10, max=98
Content-Length: 154

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.alaskausa.org
URL: https://www.alaskausa.org/css/nav/pgMainEdge.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Alaska USA Federal Credit Union (Banking)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

makseron.com
ultrabranch3.alaskausa.org
www.alaskausa.org
www.alaskausa.org
107.162.151.110
94.73.151.139
0949ef9fa6244f4b2f107f79c6ef0a23e45741046a316306ea0f6b3f8cca0f57
1ad7090a4e90d2a9e108e9c3e558e22274520bbfd744e90e34f31daf3b8cb8d3
32144e8c46a477afce0c571d57b94fc6c6e8926b446df525692ae6b4932b4c02
4386bd0d1a737bb5588715662125de5c947121db0cbc2f4838e36cddcad7e7a2
5cd6b433131a0f7972117a1de73410cd07059f385b4dceb1e99b1c9dd6351fb6
70a46f91c5948576ac320802ed148ed967757b8391f9b3e958c2dcbe1f333d14
990e387806872b7606ecf7211145356f5b6321fe6ff53e4ad3301b0373b1ceaa
a3941d5f3a221368776c19f01fef5fdcff8825460e416580fc809dbdd83972cc
ae0a9f620731be24cc8c6fc0f2cc46e789f276f497e96ad92734bd7facd2f9e8
d2309e7671c293a03f7a8999460b2ad780f4325de30ee729870db4b755a5e25c
dcfdce79105743aeda2d194642ba6c291664dd193002cf0e761762896af7ac08
e9d50b964802b2bb60004481eb67394bd994ba4c6f8a67e3ded7574ef58fcfc2

makseron.com Open in urlscan Pro 94.73.151.139 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

85 %HTTPS

0 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

86 kBTransfer

115 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

25 JavaScript Global Variables

0 Cookies

Indicators

makseron.com Open in urlscan Pro
94.73.151.139 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

85 %
HTTPS

0 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

86 kB
Transfer

115 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!