amfirst-digltal.com Open in urlscan Pro
173.248.144.185 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://amfirst-digltal.com/Authentication/
Submission Tags: @ecarlesi threat phishing Search All
Submission: On November 29 via api (November 29th 2023, 10:01:58 am UTC) from IT — Scanned from IT

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 26 HTTP transactions. The main IP is 173.248.144.185, located in United States and belongs to WEHOSTWEBSITES-COM, US. The main domain is amfirst-digltal.com.
TLS certificate: Issued by R3 on November 28th 2023. Valid for: 3 months.

This is the only time amfirst-digltal.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: America's First Federal Credit Union (Financial)

Domain & IP information

	IP Address	AS Autonomous System
22	173.248.144.185 173.248.144.185	30475 (WEHOSTWEB...) (WEHOSTWEBSITES-COM)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	108.138.33.69 108.138.33.69	16509 (AMAZON-02) (AMAZON-02)
2	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
26	4

22 173.248.144.185 (United States)

ASN30475 (WEHOSTWEBSITES-COM, US)
PTR: 173-248-144-185.static.x5x-noc.ru

amfirst-digltal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.33.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-33-69.muc50.r.cloudfront.net

js.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

bigcoke233.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	amfirst-digltal.com amfirst-digltal.com	1 MB
2	github.io bigcoke233.github.io	2 KB
1	pusher.com js.pusher.com — Cisco Umbrella Rank: 15122	19 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	30 KB
26	4

	Domain	Requested by
22	amfirst-digltal.com	amfirst-digltal.com
2	bigcoke233.github.io	amfirst-digltal.com
1	js.pusher.com	amfirst-digltal.com
1	code.jquery.com	amfirst-digltal.com
26	4

This site contains no links.

Subject Issuer	Validity	Valid
amfirst-digltal.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
js.pusher.com Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://amfirst-digltal.com/Authentication/
Frame ID: 46F471F425132DC82C4F1AA1AA6E4CEC
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AmFirst

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

26
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1420 kB
Transfer

2472 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
amfirst-digltal.com/Authentication/ 25 KB
6 KB 460ms
152ms Document
text/html 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 06abdd89d9fd0bc7f755c3645a1c2df99bc07df3a848691ddebe710d7373f877

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: it-IT,it;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 29 Nov 2023 10:01:53 GMT
etag: W/"65635997-64dd"
last-modified: Sun, 26 Nov 2023 14:43:35 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 yui-reset.min.css
amfirst-digltal.com/css/ 795 B
647 B 156ms
154ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/yui-reset.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: d627ca33e5363a78d00f6d54764f62a4bf75dc50df96ca2e981f94727c7578fc

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
x-accel-version: 0.01
etag: "31b-60b146fd8e200-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 440

GET
H2 200 jquery-ui.min.css
amfirst-digltal.com/css/ 31 KB
9 KB 158ms
156ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/jquery-ui.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: d529f2bbe9a7a1e8e64728ff9b6b98b4c4728d0c96a4c9ac771af426b3b220f1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-7a60"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.daterangepicker.min.css
amfirst-digltal.com/css/ 3 KB
1008 B 158ms
156ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/jquery.daterangepicker.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 3a51222482c740ce1726a88edfce871671f7ca57d1b1c0a5c43985779f5ee3c9

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-a4f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 ext-all.min.css
amfirst-digltal.com/css/ 123 KB
23 KB 306ms
305ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/ext-all.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 239c86b52ad53354a9251ab74cf5e01a45d53a91232c0d0f0b890f28e5401d9f

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
etag: W/"6563b148-1ecc9"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 base.min.css
amfirst-digltal.com/css/ 197 KB
41 KB 308ms
307ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/base.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: c16be91f5b4b750522a8ff4c1c51bc615611efeede8f489dcdd73ee25e2268c0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:46 GMT
server: nginx
etag: W/"6563b14a-313d6"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 grid.min.css
amfirst-digltal.com/css/ 6 KB
2 KB 454ms
452ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/grid.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: a43eacfa8a85add113f9ffddbc088919e1719b92b0cf2f8b5233e8d8c4a5a28a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-1864"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 sidebar.min.css
amfirst-digltal.com/css/ 3 KB
1 KB 454ms
453ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/sidebar.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 892ca9b21215cb57c26966816d3b5317063921e0120da9eb61b98519cc86def0

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
etag: W/"6563b148-ac4"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 iris.shim.desktop.min.css
amfirst-digltal.com/css/ 675 B
579 B 455ms
453ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/iris.shim.desktop.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: dc101eb9f7f9a6f31d2a51a942b2dc3ef82a2ece92c1cbe658cf4cf5c7af688d

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
x-accel-version: 0.01
etag: "2a3-60b146fd8e200-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
accept-ranges: bytes
content-length: 373

GET
H2 200 iris.min.css
amfirst-digltal.com/css/ 105 KB
20 KB 454ms
453ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/iris.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 98cb49b101fa72f746242b95b143fba8c96e0ac6fda9ba909c31a049eb40f3a3

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-1a2ba"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 iris-foundation.min.css
amfirst-digltal.com/css/ 50 KB
8 KB 455ms
453ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/iris-foundation.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: e784e6e521174a0667d07a04ff85a965da2eea5ae35e661bad546cc6288c943a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-c878"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 iris-components.shim.desktop.min.css
amfirst-digltal.com/css/ 1 KB
708 B 455ms
454ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/iris-components.shim.desktop.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 6e4c530ffdd490a612029d32a352d4686764773420f1da3a4cccc43f6d1faa42

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-50e"
vary: Accept-Encoding
content-type: text/css

GET
H2 404 iris-foundation.min(1).css
amfirst-digltal.com/css/ 0
0 455ms
454ms Stylesheet
text/html 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/iris-foundation.min(1).css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H2 200 iris-components.min.css
amfirst-digltal.com/css/ 355 KB
61 KB 455ms
454ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/iris-components.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 5ca7b0a45d403a9d7d0e89aea96162e1024517e23eb8b5f43d0515ac9ce50635

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-58cdb"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 isotope.min.css
amfirst-digltal.com/css/ 24 KB
4 KB 455ms
454ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/isotope.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 2638914c44a2856df681c9c7d70d58aabfc2fcd0605198dcf87a490255aa8342

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-6064"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 font-icons.css
amfirst-digltal.com/css/ 120 KB
10 KB 455ms
455ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/font-icons.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: b25e2e9de5f01056f1d82b6e8b116ef1977263cd062e5a07e1231e54f9bf7f2e

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
etag: W/"6563b148-1e13a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 theme.desktop.min.css
amfirst-digltal.com/css/ 56 KB
10 KB 455ms
455ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/theme.desktop.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 2f5b5775a522bcb83690e28e55e32e8569584e5596b26577c9f5f3b09eef627b

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
etag: W/"6563b148-e066"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 fi.desktop.min.css
amfirst-digltal.com/css/ 51 KB
12 KB 456ms
455ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/fi.desktop.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 3c1c5be424a13a0921ca4141d2ea18339e5fad64c395f38665f7fb54904e306a

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
etag: W/"6563b148-ccb6"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 Logo.png
amfirst-digltal.com/css/ 1 MB
1 MB 456ms
455ms Image
image/png 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amfirst-digltal.com/css/Logo.png
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 45e597939bbae1b35678935906d9ed5fc5e6bf095c030297eeca42b7484e7c29

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
accept-ranges: bytes
etag: "6563b148-100000"
content-length: 1048576
content-type: image/png

GET
H2 200 jquery-3.7.0.min.js Show response
code.jquery.com/ 85 KB
30 KB 79ms
23ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.7.0.min.js
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 6449914
x-cache: HIT, HIT
content-length: 30308
x-served-by: cache-lga13623-LGA, cache-mxp6951-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1701252113.262165,VS0,VE0
etag: W/"28feccc0-155a6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 33, 200232

GET
H2 200 pusher.min.js Show response
js.pusher.com/7.2/ 69 KB
19 KB 157ms
43ms Script
application/javascript 108.138.33.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pusher.com/7.2/pusher.min.js
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.33.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-33-69.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b39f0b274992d4d7c19b5ce5b56e9020dd1666ad1ee7fc4a378d26679efc6029

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:32:05 GMT
content-encoding: gzip
via: 1.1 068dc56746723ff514ed3604e029e74e.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 13:45:32 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 1265388
etag: W/"99f7f95a02d32c6b8587afa7e7440d3f"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=2592000
x-amz-cf-id: 8wPtkllM3EqNSW-MznIkxClrORiXjg3zZMSeqk4o7XYCm0sqGsKV4A==

GET
H2 200 toaster.js Show response
bigcoke233.github.io/toaster.js/ 2 KB
1 KB 182ms
127ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bigcoke233.github.io/toaster.js/toaster.js

Requested by

Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

5bf1c27da29b3a047e4bee623f68633c0ed99f09add721bed4430097cdbfe3ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id: ac2c7bd41e3447824937e848eddb19ce0503b633
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Nov 2023 10:01:53 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 679
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 23 Aug 2022 05:46:50 GMT
server: GitHub.com
x-github-request-id: CE3E:5F95:130DFB3:135EE44:65670C10
x-timer: S1701252113.261933,VS0,VE105
etag: W/"630469ca-740"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 29 Nov 2023 10:11:53 GMT

GET
H2 200 toaster.css
bigcoke233.github.io/toaster.js/ 3 KB
963 B 217ms
162ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bigcoke233.github.io/toaster.js/toaster.css

Requested by

Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

49a6845433fa80ce610243532dcca24ed7e67dcb60d73ab35a7d8c271698b91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id: 241390cc082291a57b18cb69fb37a9857efb6a05
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Wed, 29 Nov 2023 10:01:53 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 802
x-served-by: cache-mxp6942-MXP
last-modified: Tue, 23 Aug 2022 05:46:50 GMT
server: GitHub.com
x-github-request-id: C4FA:1BFB:13AB4EB:13FC4E8:65670C11
x-timer: S1701252113.261961,VS0,VE140
etag: W/"630469ca-a45"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Wed, 29 Nov 2023 10:11:53 GMT

GET
H2 200 HvEsomv.gif
amfirst-digltal.com/css/ 79 KB
79 KB 454ms
454ms Image
image/gif 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amfirst-digltal.com/css/HvEsomv.gif
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 8004dee0278c2b84da9bb5557186174fa1fdefeb899929293873ec5f966895f1

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
last-modified: Sun, 26 Nov 2023 20:57:46 GMT
server: nginx
accept-ranges: bytes
etag: "6563b14a-13b5b"
content-length: 80731
content-type: image/gif

GET
H2 200 print.min.css
amfirst-digltal.com/css/ 8 KB
2 KB 495ms
495ms Stylesheet
text/css 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/print.min.css
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/Authentication/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: 7884e0ce43de8695fc479fc021172bd28358c88237bf9ed33a9b8d2c70b3e3d8

Request headers

accept-language: it-IT,it;q=0.9
Referer: https://amfirst-digltal.com/Authentication/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
content-encoding: gzip
last-modified: Sun, 26 Nov 2023 20:57:42 GMT
server: nginx
etag: W/"6563b146-1e09"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 Alkami.woff2
amfirst-digltal.com/css/ 52 KB
52 KB 290ms
290ms Font
font/woff2 173.248.144.185
WEHOSTWEBSITES-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://amfirst-digltal.com/css/Alkami.woff2
Requested by: Host: amfirst-digltal.com
URL: https://amfirst-digltal.com/css/font-icons.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.248.144.185 , United States, ASN30475 (WEHOSTWEBSITES-COM, US),
Reverse DNS: 173-248-144-185.static.x5x-noc.ru
Software: nginx /
Resource Hash: f5f4b674046a09ea54af03379ce0e2a5b3eb3bbe4bdec81d8e3068c5b43fcf28

Request headers

Referer: https://amfirst-digltal.com/css/font-icons.css
Origin: https://amfirst-digltal.com
accept-language: it-IT,it;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 10:01:53 GMT
last-modified: Sun, 26 Nov 2023 20:57:44 GMT
server: nginx
accept-ranges: bytes
etag: "6563b148-ce08"
content-length: 52744
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: America's First Federal Credit Union (Financial)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://amfirst-digltal.com/css/iris-foundation.min(1).css Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amfirst-digltal.com
bigcoke233.github.io
code.jquery.com
js.pusher.com
108.138.33.69
173.248.144.185
2606:50c0:8002::153
2a04:4e42:600::649
06abdd89d9fd0bc7f755c3645a1c2df99bc07df3a848691ddebe710d7373f877
239c86b52ad53354a9251ab74cf5e01a45d53a91232c0d0f0b890f28e5401d9f
2638914c44a2856df681c9c7d70d58aabfc2fcd0605198dcf87a490255aa8342
2f5b5775a522bcb83690e28e55e32e8569584e5596b26577c9f5f3b09eef627b
3a51222482c740ce1726a88edfce871671f7ca57d1b1c0a5c43985779f5ee3c9
3c1c5be424a13a0921ca4141d2ea18339e5fad64c395f38665f7fb54904e306a
45e597939bbae1b35678935906d9ed5fc5e6bf095c030297eeca42b7484e7c29
49a6845433fa80ce610243532dcca24ed7e67dcb60d73ab35a7d8c271698b91d
5bf1c27da29b3a047e4bee623f68633c0ed99f09add721bed4430097cdbfe3ad
5ca7b0a45d403a9d7d0e89aea96162e1024517e23eb8b5f43d0515ac9ce50635
6e4c530ffdd490a612029d32a352d4686764773420f1da3a4cccc43f6d1faa42
7884e0ce43de8695fc479fc021172bd28358c88237bf9ed33a9b8d2c70b3e3d8
8004dee0278c2b84da9bb5557186174fa1fdefeb899929293873ec5f966895f1
892ca9b21215cb57c26966816d3b5317063921e0120da9eb61b98519cc86def0
98cb49b101fa72f746242b95b143fba8c96e0ac6fda9ba909c31a049eb40f3a3
a43eacfa8a85add113f9ffddbc088919e1719b92b0cf2f8b5233e8d8c4a5a28a
b25e2e9de5f01056f1d82b6e8b116ef1977263cd062e5a07e1231e54f9bf7f2e
b39f0b274992d4d7c19b5ce5b56e9020dd1666ad1ee7fc4a378d26679efc6029
c16be91f5b4b750522a8ff4c1c51bc615611efeede8f489dcdd73ee25e2268c0
d529f2bbe9a7a1e8e64728ff9b6b98b4c4728d0c96a4c9ac771af426b3b220f1
d627ca33e5363a78d00f6d54764f62a4bf75dc50df96ca2e981f94727c7578fc
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dc101eb9f7f9a6f31d2a51a942b2dc3ef82a2ece92c1cbe658cf4cf5c7af688d
e784e6e521174a0667d07a04ff85a965da2eea5ae35e661bad546cc6288c943a
f5f4b674046a09ea54af03379ce0e2a5b3eb3bbe4bdec81d8e3068c5b43fcf28

amfirst-digltal.com Open in urlscan Pro 173.248.144.185 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

1420 kBTransfer

2472 kBSize

0 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

amfirst-digltal.com Open in urlscan Pro
173.248.144.185 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

1420 kB
Transfer

2472 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!