servicecu-secure.icu Open in urlscan Pro
2606:4700:3036::ac43:aee4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://servicecu-secure.icu/BankatFirst/
Submission: On April 09 via api (April 9th 2024, 11:10:21 pm UTC) from US — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3036::ac43:aee4, located in United States and belongs to CLOUDFLARENET, US. The main domain is servicecu-secure.icu.
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.

This is the only time servicecu-secure.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: First Financial Bank (Financial)

Domain & IP information

	IP Address		AS Autonomous System
1 18	2606:4700:303... 2606:4700:3036::ac43:aee4		13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	1

18 2606:4700:3036::ac43:aee4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

servicecu-secure.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	servicecu-secure.icu 1 redirects servicecu-secure.icu	156 KB
17	1

	Domain	Requested by
18	servicecu-secure.icu	1 redirects servicecu-secure.icu
17	1

This site contains no links.

Subject Issuer	Validity	Valid
servicecu-secure.icu GTS CA 1P5	`2024-04-08` - `2024-07-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://servicecu-secure.icu/BankatFirst/
Frame ID: 3CF606364E2AB35176D24C7AF7575CFF
Requests: 15 HTTP requests in this frame

Frame: https://servicecu-secure.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
Frame ID: 735F12DC8A4C127F045360187A4C1CE5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Login · First Financial Bank

Page URL History Show full URLs

https://servicecu-secure.icu/BankatFirst/ Page URL
https://servicecu-secure.icu/BankatFirst/ Page URL

Page Statistics

17
Requests

94 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

156 kB
Transfer

871 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://servicecu-secure.icu/BankatFirst/ Page URL
https://servicecu-secure.icu/BankatFirst/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://servicecu-secure.icu/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://servicecu-secure.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 503 / Show response
servicecu-secure.icu/BankatFirst/ 7 KB
8 KB 342ms
282ms Document
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fa83fca106f53f3777c6d06af4ea29d7bd046b4bb0445a0021d18e01c5376ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 871e2b5bbfb141f5-EWR
content-type: text/html; charset=utf-8
date: Tue, 09 Apr 2024 23:10:14 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=efMpyEN%2B8lXOswBiw%2Fln4kV6P2sIl7FKt9bJrbSyy1FNz1JIKwjCd5trH9NulpI1LTy3ItG4ZMEsNqvrdzPP6xME1kn3a9x%2FRGCz5mMn08kWKGqvJz0DdC%2FZ%2FD5A9jV7LVcT4vA8C%2F%2FqYx%2FX7SQIy46PoA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block 1; mode=block

POST
H3 204 /
servicecu-secure.icu/BankatFirst/ 0
837 B 300ms
300ms XHR
text/plain 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Requested-TimeStamp-Expire
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
PqOkMfo2pEYQyeDEPFZjCf1Io: 29282433
X-Requested-TimeStamp-Combination
X-Requested-Type-Combination: GET
Content-type: application/x-www-form-urlencoded
X-Requested-Type: GET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Referer: https://servicecu-secure.icu/BankatFirst/
X-Requested-with: XMLHttpRequest
X-Requested-TimeStamp
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 09 Apr 2024 23:10:15 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F%2FOVvRI2tX8sPKYfxjyvJHiBBN2TDZ8wBSC9XvcGL%2BPmcPebVsVtXOwdLOYvGIX6FTE2bffw%2Bthk69zAF82oayR7kuqLQ%2BkqyAuT9ytqXfXX7bhs3lKASkSDi4%2Fq86WWzaiJYBzUySK0C8vm5%2B3fulr7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 871e2b5ecf8141d2-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
expires: 0

GET
H3

200

main.js Show response
servicecu-secure.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/ Frame 735F
Redirect Chain

https://servicecu-secure.icu/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://servicecu-secure.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

8 KB
4 KB

23ms
23ms

Script
application/javascript

2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js

Protocol

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90aa081d34d85784751bdc6645232cf162308aa27eaf8659959ab07648c83a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

date: Tue, 09 Apr 2024 23:10:14 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ej9jHWUSfqGzsbXjj2K8WW7rdwMgdhBR28RqPGQUjjNBqwN2J4aGLQubkt%2B%2Bpes%2FUKxcm0hG2q99jBOPr7Bn28Oa6f8WncHDO1h8Imwp6%2FU1Kor71rXkqQEWblBGWNf%2Bu8RiW3kGMnrLadWrm5UF7fbudQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 871e2b5f0fea41d2-EWR
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 09 Apr 2024 23:10:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbewiC4WEz6lfG2f3vtHU3fnsSNvsBPSKoZdSALZpq1hd6h%2Bb7bRjc7cmkK7PQk75lBz9wa5sZJTuQMoaHQMGnn%2BTuKp3jLIMCPyIOXzowpOBvit%2BnPrAulN0AtTiV1VRzOiGn5u2R%2B3DntYdI%2BrgzAuYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/bcc5fb0a8815/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 871e2b5ecf8741d2-EWR
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 871e2b5bbfb141f5
servicecu-secure.icu/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 735F 0
613 B 30ms
29ms XHR
text/plain 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicecu-secure.icu/cdn-cgi/challenge-platform/h/b/jsd/r/871e2b5bbfb141f5
Requested by: Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Apr 2024 23:10:15 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A9oyF1ySAkAblAd0t5L6HBEmn%2FWQpePUKBVT7ZWsi%2F6llXJLAkmGrIl%2FDKFAqbo1LPvdT8LZD5SFWGE44Y9m0sVXgJxxfSET9hplCRPpi0xRZkg91aTVgzdFT4yOn4%2Bk7fCQneHJowvicP9gn%2F0i15uKrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 871e2b60ca7341d2-EWR
alt-svc: h3=":443"; ma=86400

GET
H3 200 Primary Request / Show response
servicecu-secure.icu/BankatFirst/ 5 KB
2 KB 254ms
253ms Document
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9523ede402d2159d69b460b9e6d777a361e80f4acb14aa55e9856b2c83035c5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block 1; mode=block

Request headers

Referer: https://servicecu-secure.icu/BankatFirst/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 871e2b60fabb41d2-EWR
content-encoding: br
content-type: text/html
date: Tue, 09 Apr 2024 23:10:15 GMT
last-modified: Tue, 03 Oct 2023 07:50:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F8LR0cUjnumMMH%2FmXs3GbM4rCj7QQpZflZTlEP9TbSzy6zCP3wRuebNHq5PH1QrgBe3MnE9cwFHiO7v8JoE3ljN6DjQRqoSIuBPfH5HHhHF6h4L2J4mDpNrlkX9djB56B0zyf6M9S9cU5bfwfWGnqX4Fmw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block 1; mode=block

GET
H3 200 vthreeallFullCss.css
servicecu-secure.icu/BankatFirst/css/ 771 KB
98 KB 27ms
24ms Stylesheet
text/css 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d0a27afc6ed22f356c907579f15f41f120c913c118837dba9c1b8da13a5a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109152
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
pragma: public
last-modified: Thu, 04 May 2023 07:23:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Axfw3vdRh8Yh6vo1HGopvefquH%2BNfGvaddi3tTYVBCDu4ZsgdLB9wIqlq2dKlWitCRi1qlRCtJwO9S%2B1adHWgrBjLyfrvB8g4oXYy%2BYp0STi5cGzyLk%2Ba0%2BAoKE0dKF276iy6mRpYnHa5i7NlvYC9%2FCSmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 871e2b62ac9c41d2-EWR
expires: Wed, 08 May 2024 16:51:00 GMT

GET
H3 200 224.css
servicecu-secure.icu/BankatFirst/css/ 46 KB
7 KB 23ms
21ms Stylesheet
text/css 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/css/224.css

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc054fd38e88a7c9c1db08bd40dfe7ad366fa23efdce184e372d2adb431c91d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109152
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
pragma: public
last-modified: Thu, 04 May 2023 07:00:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zvk%2BUluSObLwCEbJqtVL2utHKM9PEZ3rRnsebciluuH2YY2NoFW6zA%2BzTVF2uPRzaI7RgCUNRdiwvwW7OtgvWCtWAkvaVO16QKV%2F4eS4la8TmquqYSZPMmUaKjdbH7E7j56f8SBWcMXyFWl4BXMZNa9%2FMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 871e2b62ac9f41d2-EWR
expires: Wed, 08 May 2024 16:51:00 GMT

GET
H3 200 Logo.png
servicecu-secure.icu/BankatFirst/images/ 7 KB
8 KB 18ms
15ms Image
image/png 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servicecu-secure.icu/BankatFirst/images/Logo.png

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

697207724e3c91390ee837852545c786fc8add50c203f26b44a940df94c471d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 23:10:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109152
alt-svc: h3=":443"; ma=86400
content-length: 7478
x-xss-protection: 1; mode=block, 1; mode=block
pragma: public
last-modified: Wed, 06 Sep 2023 09:12:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sp61SEqJ%2F3SJh5jXjgnEpTteleN3vEmXJqWEbcaVASKI6K4YmRexEzBYWsPGQlio9kFqt4PgJDzf5ZyZ5P94jIphZhnbT5dDXbTDRN74c3sHu4CwBPRFa0%2FWg2yow8xJXh11DyEpDUbkJuuEUhXdk%2BuFiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 871e2b62aca041d2-EWR
expires: Fri, 07 Jun 2024 16:51:00 GMT

GET
H3 200 Background.png
servicecu-secure.icu/BankatFirst/images/ 11 KB
11 KB 34ms
33ms Image
image/png 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servicecu-secure.icu/BankatFirst/images/Background.png

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/224.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e093a8eec7f8ed38bf91b536cf597aa9f91cf3b45abc11313fdf310736e5e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/224.css
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 23:10:15 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109151
alt-svc: h3=":443"; ma=86400
content-length: 10785
x-xss-protection: 1; mode=block, 1; mode=block
pragma: public
last-modified: Wed, 06 Sep 2023 09:12:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kFItlEPLjR1kmk32PA4RsKQ5kwUbrZUtKu4hkmeg7t4mlGE4VpHi6E01TzJOxIbMXNNfc9vOfYl4mfao2ADgAWjxnz%2FNS3JyLTUFtvaTTagFX0LLs9IdXRxoIqT1aWOKwGYOyXeFkckEC%2B6b4op8z1piOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 871e2b637d7141d2-EWR
expires: Fri, 07 Jun 2024 16:51:01 GMT

GET
H3 200 roboto-regular-webfont.woff2
servicecu-secure.icu/BankatFirst/fonts/ 15 KB
15 KB 435ms
415ms Font
font/woff2 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/fonts/roboto-regular-webfont.woff2

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/224.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/224.css
Origin: https://servicecu-secure.icu
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 23:10:16 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15344
x-xss-protection: 1; mode=block, 1; mode=block
pragma: public
last-modified: Sat, 21 May 2022 22:08:20 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TQ4YM4sEkvxLZuX5%2FG%2BsdXpETP75Igb9Oq%2FZeK%2FENoV0LN8lhoPMaaNCvsUJ8Xhu4on9YRacXjZyyUmNUtCWye%2F6ZZg4ahp4OrMY8oZUuXikjEqj5GjjXOFnvtRGela8AwUbp0%2F5Wd7q%2BxWxb1watnyNXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 871e2b639d9441d2-EWR
expires: Sat, 08 Jun 2024 23:10:11 GMT

GET
H3 404 muli-v11-latin-700.woff2
servicecu-secure.icu/BankatFirst/fonts/ 0
0 314ms
294ms Font
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-700.woff2

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css
Origin: https://servicecu-secure.icu
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 09 Apr 2024 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RTa1TXR9SAyGbkRCJnaLniOqeN8Xc0%2B%2FwI%2B1BKZfW4tR9ipJX1L8lc6VYAGxNT6Cgsj5C1Dek180De%2BiD607UCfsQLipP%2FN1JIToAKdepyv9vmzozdFjNmPPvMeAG2gPqwWOMZgd7cJLjjK9gm3AWYLJLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 871e2b63ad9a41d2-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 muli-v11-latin-600.woff2
servicecu-secure.icu/BankatFirst/fonts/ 0
0 318ms
301ms Font
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-600.woff2

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css
Origin: https://servicecu-secure.icu
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 09 Apr 2024 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q0oP555zfKXNp2JtW70VrDg0CFd3QS3KcUJn29RPTUeXFB7XgDPFJFW0YISqFcrw6dD4I026%2BIuxAw9YAO63mPFNpwKfBwY9nTZmeCnqRjEd2n9eUrcvR7HT1eJs9Z3iCZLc1%2BW21A5IrkWSrAxWJqFUIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 871e2b63bdb241d2-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 muli-v11-latin-regular.woff2
servicecu-secure.icu/BankatFirst/fonts/ 0
0 261ms
258ms Font
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-regular.woff2

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css
Origin: https://servicecu-secure.icu
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 09 Apr 2024 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4zF8ObksizuQ1KfsODR3%2BTViKz9Bfb5ouR8LYZK5vy%2BLudR%2BedNAYbVXMcaLz2J3iu%2BKqFACo3y70gPzls8lEzJN%2BK7kpmx1%2F0rn6tWaHddh4639ScwzeVzMtde2l0OGQs915QwNS7h1Av6tDUJvRqkdUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 871e2b63cdc741d2-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 200 favicon.ico
servicecu-secure.icu/BankatFirst/ 293 B
799 B 31ms
30ms Other
image/x-icon 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e18a721d5559f569e5a6585bb6430c1965788e4607ea6704601872de8168811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 09 Apr 2024 23:10:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 109152
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
pragma: public
last-modified: Mon, 01 May 2023 06:45:18 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0uBy5EgngnQCH8VI71GnHtW0NkABQ6ojxH0lahSYV5ntCH%2FlDwYiMR5yrynMWhC9vCjnxOxOAQ1odWV2B6%2BFoiDt3p0dlwt%2F9Hs809Tpgf3yM1CSX9farK1oTIjd3WynI7HWjvVVOOqZBC8nBwC6ziFvJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=5184000
cf-ray: 871e2b653f3e41d2-EWR
expires: Fri, 07 Jun 2024 16:51:01 GMT

GET
H3 404 muli-v11-latin-regular.woff
servicecu-secure.icu/BankatFirst/fonts/ 0
0 318ms
318ms Font
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-regular.woff

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css
Origin: https://servicecu-secure.icu
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 09 Apr 2024 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3yvYihH0XOrU5ZhZSRHfWDJVXpZ18OLmzrFhxDedVkaH19P8aV7G8idmYpeubYvSer6fpxyv2CKS327%2FZfRdhfzxb%2FPG3c2HWtrbgDqQW%2BA0cStUqEHtdtnxCD0VrZs%2BkUtap0XgIKXiZB57RlcsTdlUWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 871e2b656f6541d2-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 muli-v11-latin-700.woff
servicecu-secure.icu/BankatFirst/fonts/ 0
0 298ms
297ms Font
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-700.woff

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css
Origin: https://servicecu-secure.icu
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 09 Apr 2024 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9IY5oU0OsC1%2Faivf%2Bc3ZAAhEc6bqWyk4%2FjaHSRBbVwxvPXLYd2rg5L%2Be%2BBQ1WjckPrK8nkKoN9LD7YtxL5Uu6BXNsO%2Bj5l%2BIQ0q2VbUuym7CuIthKeT8XkHg7CjShjzG6JKaSKt8Mdj5t4GipCZF9vtbCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 871e2b657f7841d2-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

GET
H3 404 muli-v11-latin-600.woff
servicecu-secure.icu/BankatFirst/fonts/ 0
0 333ms
309ms Font
text/html 2606:4700:3036::ac43:aee4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-600.woff

Requested by

Host: servicecu-secure.icu
URL: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:aee4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://servicecu-secure.icu/BankatFirst/css/vthreeallFullCss.css
Origin: https://servicecu-secure.icu
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Tue, 09 Apr 2024 23:10:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zw9ETIWJgsPdmes5UOYyXlhVPw6Y5q6pZYFRwo7HNLb2fUH2ouHdYUOkO3mr7vVwvlsg3IM49MgHKXRHzCOn2UznQdvhnvrdhJK7RwWx%2F%2FtAWHphoBP%2Bw5drcAbLAlRUAWOsD2BBxFoK5if01q%2B4%2Bq7AjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
cf-ray: 871e2b65cfb641d2-EWR
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: First Financial Bank (Financial)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
servicecu-secure.icu/	1970-01-20 19:46:30	Name: f9h1wtvFU5a_uOPqzM0cO7DVlFg Value: qxeyLumGVVD5RqTgPjFKbRqPTXY
servicecu-secure.icu/	1970-01-20 19:46:30	Name: zKoVyiLK3IPmMII4kx4_BX3qy7c Value: 1712704210
servicecu-secure.icu/	1970-01-20 19:46:30	Name: 0Fg6OEU4E779VrCc0V4gQjxx3Uo Value: 1712790610
servicecu-secure.icu/	1970-01-20 19:46:30	Name: mEsoFJfSuvMxi1QMdLdBbEtaQc0 Value: hzTnqZGZfQxwg6wTbWO0adG4aE8
servicecu-secure.icu/	1970-01-20 19:46:30	Name: DPUmKE4L_LLenApcHI1T5EztUv8 Value: 8_Lr1ODJZBN10_99r9-o_h3PFqY
servicecu-secure.icu/	1970-01-20 19:46:30	Name: l36rxd6fSc934rabwAnncZ_c-qg Value: pu6UFa3DcsKo4-9tNRVK7qgy-QM
servicecu-secure.icu/	1970-01-20 19:46:30	Name: 1oqWQIc__aTRZfzPzYG1H9JYht0 Value: 1712704211
servicecu-secure.icu/	1970-01-20 19:46:30	Name: Z41vyKSfdRTsIyVsfHOwl7thshk Value: 1712790611
servicecu-secure.icu/	1970-01-20 19:46:30	Name: T_QGJ9CRRwh_PEkfZxRGojsiCdk Value: Nqet1TtzlSUe1FCsJgjFU8XyL58
.servicecu-secure.icu/	1970-01-21 04:30:40	Name: cf_clearance Value: CKR7tpP2bFxQzGqHBc8gA2P1VddCejXCe9whr2fdiwg-1712704215-1.0.1.1-GsfSBFCPVAG123WVNArWCjKJv7BVf63jtB4EYTlq1Gnvq8N1VGU_fZ_DTUct_SJiTqpEotP_0jJrnlXUndf1sQ

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://servicecu-secure.icu/BankatFirst/ Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-regular.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-700.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-600.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-700.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://servicecu-secure.icu/BankatFirst/fonts/muli-v11-latin-600.woff Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

servicecu-secure.icu
2606:4700:3036::ac43:aee4
2e093a8eec7f8ed38bf91b536cf597aa9f91cf3b45abc11313fdf310736e5e22
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
58d0a27afc6ed22f356c907579f15f41f120c913c118837dba9c1b8da13a5a4f
697207724e3c91390ee837852545c786fc8add50c203f26b44a940df94c471d8
6e18a721d5559f569e5a6585bb6430c1965788e4607ea6704601872de8168811
8fa83fca106f53f3777c6d06af4ea29d7bd046b4bb0445a0021d18e01c5376ee
90aa081d34d85784751bdc6645232cf162308aa27eaf8659959ab07648c83a8e
9523ede402d2159d69b460b9e6d777a361e80f4acb14aa55e9856b2c83035c5b
bc054fd38e88a7c9c1db08bd40dfe7ad366fa23efdce184e372d2adb431c91d2

servicecu-secure.icu Open in urlscan Pro 2606:4700:3036::ac43:aee4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

17 Requests

94 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

156 kBTransfer

871 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

10 Cookies

7 Console Messages

Security Headers

Indicators

servicecu-secure.icu Open in urlscan Pro
2606:4700:3036::ac43:aee4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

94 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

156 kB
Transfer

871 kB
Size

10
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!