bacumembr.icu Open in urlscan Pro
66.151.169.12 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bacumembr.icu/
Effective URL:
http://bacumembr.icu/login.php
Submission Tags: @ecarlesi threat #phishing #becu Search All
Submission: On June 19 via api (June 19th 2023, 5:02:22 pm UTC) from FR — Scanned from FR

Summary HTTP 35 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 35 HTTP transactions. The main IP is 66.151.169.12, located in Los Angeles, United States and belongs to INTERNAP-BLK3, US. The main domain is bacumembr.icu.

This is the only time bacumembr.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BECU Credit Union (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 21	66.151.169.12 66.151.169.12	13790 (INTERNAP-...) (INTERNAP-BLK3)
12	107.162.177.191 107.162.177.191	55002 (DEFENSE-NET) (DEFENSE-NET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
35	4

21 66.151.169.12 (Los Angeles, United States) 1 redirects

ASN13790 (INTERNAP-BLK3, US)
PTR: againwhich.sapientvoids.com

bacumembr.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 107.162.177.191 (United States)

ASN55002 (DEFENSE-NET, US)

onlinebanking.becu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	bacumembr.icu 1 redirects bacumembr.icu	48 KB
12	becu.org onlinebanking.becu.org — Cisco Umbrella Rank: 175463	32 KB
2	gstatic.com fonts.gstatic.com	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 80	1 KB
35	4

	Domain	Requested by
21	bacumembr.icu	1 redirects bacumembr.icu
12	onlinebanking.becu.org	bacumembr.icu
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	bacumembr.icu
35	4

This site contains links to these domains. Also see Links.

Domain
www.becu.org
accessassistant.becu.org
business.becu.org
newsroom.becu.org
survey3.medallia.com

Subject Issuer	Validity	Valid
onlinebanking.becu.org DigiCert TLS RSA SHA256 2020 CA1	`2022-08-03` - `2023-08-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://bacumembr.icu/login.php
Frame ID: 75533F3FE305F8D289AAACDA613B95DB
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Banking Login | BECU

Page URL History Show full URLs

http://bacumembr.icu/ HTTP 302
http://bacumembr.icu/login.php Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

35
Requests

34 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

128 kB
Transfer

355 kB
Size

1
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://www.becu.org/

Search URL Search Domain Scan URL

URL: http://www.becu.org/search
Title: Search

Search URL Search Domain Scan URL

URL: http://www.becu.org/locations/all-locations
Title: Locations

Search URL Search Domain Scan URL

URL: http://www.becu.org/support/top-questions
Title: Support

Search URL Search Domain Scan URL

URL: https://accessassistant.becu.org/Questions
Title: Forgot your Password?

Search URL Search Domain Scan URL

URL: https://accessassistant.becu.org/UserName
Title: Forgot your User ID?

Search URL Search Domain Scan URL

URL: https://www.becu.org/support/online-banking#enroll
Title: click here to enroll

Search URL Search Domain Scan URL

URL: http://www.becu.org/join
Title: Sign up for membership with BECU

Search URL Search Domain Scan URL

URL: https://business.becu.org/becu/uux.aspx#/login
Title: Business Online Banking

Search URL Search Domain Scan URL

URL: https://business.becu.org/becu/sdk/BECUBusinessEnrollment
Title: Enroll in Business Online Banking

Search URL Search Domain Scan URL

URL: http://www.becu.org/accessibility-statement
Title: ACCESSIBILITY

Search URL Search Domain Scan URL

URL: http://www.becu.org/members-matter/about-membership
Title: MEMBERSHIP

Search URL Search Domain Scan URL

URL: http://www.becu.org/support/forms
Title: FORMS

Search URL Search Domain Scan URL

URL: http://www.becu.org/about-us/home
Title: ABOUT US

Search URL Search Domain Scan URL

URL: http://www.becu.org/support/routing-number
Title: ROUTING NUMBER 325081403

Search URL Search Domain Scan URL

URL: http://www.becu.org/~/media/Files/PDF/avoidingForeclosure.pdf
Title: AVOIDING FORECLOSURE

Search URL Search Domain Scan URL

URL: http://www.becu.org/members-matter/news-discounts
Title: NEWS & DISCOUNTS

Search URL Search Domain Scan URL

URL: http://www.becu.org/support/contact-us
Title: CONTACT

Search URL Search Domain Scan URL

URL: http://www.becu.org/careers
Title: CAREERS

Search URL Search Domain Scan URL

URL: https://newsroom.becu.org/
Title: NEWSROOM

Search URL Search Domain Scan URL

URL: http://www.becu.org/security-and-privacy
Title: SECURITY

Search URL Search Domain Scan URL

URL: http://www.becu.org/online-privacy-notice
Title: PRIVACY

Search URL Search Domain Scan URL

URL: http://www.becu.org/~/media/Files/PDF/BECUTermsandConditions.pdf
Title: TERMS & CONDITIONS

Search URL Search Domain Scan URL

URL: https://survey3.medallia.com/?becumembersuggestions
Title: SEND A SUGGESTION

Search URL Search Domain Scan URL

URL: http://www.becu.org/blog
Title: BECU BLOG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bacumembr.icu/ HTTP 302
http://bacumembr.icu/login.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login.php Show response
bacumembr.icu/
Redirect Chain

http://bacumembr.icu/
http://bacumembr.icu/login.php

37 KB
8 KB

287ms
286ms

Document
text/html

66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/login.php
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash: 3825d71c27d5eafbe738ed4188b31d4d12e9b5a7a56e88c8bf9fa5aceff75674

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: fr-FR,fr;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
connection: Keep-Alive
content-encoding: gzip
content-length: 7784
content-type: text/html; charset=UTF-8
date: Mon, 19 Jun 2023 17:02:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding

Redirect headers

cache-control: no-store, no-cache, must-revalidate
connection: Keep-Alive
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 19 Jun 2023 17:02:06 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: login.php#/dashboard/overviewAccounts/overview/index?id=jdsfhbdhbj232hg3234g32h4jg1
pragma: no-cache
server: LiteSpeed

GET
H/1.1 404
Not Found becu_common.js
bacumembr.icu/BECUBankingWeb/Scripts/ 0
0 170ms
162ms Script
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/BECUBankingWeb/Scripts/becu_common.js?cache
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/login.php
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:06 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found becu_common.js
bacumembr.icu/BECUBankingWeb/Scripts/ 0
0 379ms
205ms Script
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/BECUBankingWeb/Scripts/becu_common.js?async
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/login.php
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:06 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK style.css
bacumembr.icu/css/ 237 KB
39 KB 337ms
169ms Stylesheet
text/css 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/style.css
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/login.php
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash: 61240f732ea88f32bcd3e1b898afb394c700b4885fa4c8a02343f254ac917d34

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:06 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 22:37:34 GMT
server: LiteSpeed
etag: "3b3ee-5fe0a7b38c780-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
connection: Keep-Alive
accept-ranges: bytes
content-length: 39402
expires: Mon, 26 Jun 2023 17:02:06 GMT

GET
H/1.1 200
OK style2.css
bacumembr.icu/css/ 5 KB
1 KB 374ms
204ms Stylesheet
text/css 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/style2.css
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/login.php
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash: b39b06ef60f5da00f67b12af25fdcbcd3e32ef2cf296e62b355cd895022a0864

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:06 GMT
content-encoding: gzip
last-modified: Tue, 13 Jun 2023 22:36:58 GMT
server: LiteSpeed
etag: "14aa-5fe0a79137680-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
connection: Keep-Alive
accept-ranges: bytes
content-length: 831
expires: Mon, 26 Jun 2023 17:02:06 GMT

GET
H/1.1 200
OK becu-logo-mobile.png
onlinebanking.becu.org/becubankingweb/images/ 2 KB
2 KB 1095ms
166ms Image
image/png 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/becu-logo-mobile.png

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

37d7cfe6df3b924bfaf33320ffd526cc558d3c693f63241d90bde8133f8105a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1927

GET
H/1.1 200
OK becu-logo-tablet.png
onlinebanking.becu.org/becubankingweb/images/ 2 KB
3 KB 1101ms
164ms Image
image/png 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/becu-logo-tablet.png

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8278a26d76affc3ec5de77cb8c69af07fe5efd2d52ee0c048f4a8649b627f804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
Server: Microsoft-IIS/10.0
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 2324

GET
H/1.1 200
OK becu-logo-desktop.png
onlinebanking.becu.org/becubankingweb/images/ 3 KB
4 KB 1104ms
167ms Image
image/png 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/becu-logo-desktop.png

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

c25e1eb12d082ca91060a9f463cad441e8efe5687ecb0b6d946219eb683ce42a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:08 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit18012
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 3289

GET
H/1.1 200
OK ico-closed-eye-new.png
onlinebanking.becu.org/becubankingweb/images/ 691 B
1 KB 1427ms
338ms Image
image/png 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/ico-closed-eye-new.png

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

517ccec038ddf888146f0508f7eac214cbbf1a133701fc208ea0328b1bff9944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 691

GET
H/1.1 200
OK Icon_Facebook.svg
onlinebanking.becu.org/becubankingweb/images/ 483 B
882 B 1429ms
338ms Image
image/svg+xml 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_Facebook.svg?h=45&w=45

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1e554c21fc3503f9d06cba399b2627da518c93115e0701472dbca76f82de6fd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
Server: Microsoft-IIS/10.0
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 483

GET
H/1.1 200
OK Icon_Instagram.svg
onlinebanking.becu.org/becubankingweb/images/ 1 KB
1 KB 1430ms
338ms Image
image/svg+xml 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_Instagram.svg?h=45&w=45

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

79bdefee2f0f239d339054f9606f8c9d828f326fb519542526f795fe6f5a1f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit12032
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
Server: Microsoft-IIS/10.0
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 1124

GET
H/1.1 200
OK Icon_Twitter.svg
onlinebanking.becu.org/becubankingweb/images/ 712 B
1 KB 859ms
533ms Image
image/svg+xml 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_Twitter.svg?h=45&w=45

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

235b57c1397a0b1e2ddf5a3d153a56b2ded692ad6c08e4d09525f30228f728f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
Server: Microsoft-IIS/10.0
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 712

GET
H/1.1 200
OK Icon_Pinterest.svg
onlinebanking.becu.org/becubankingweb/images/ 950 B
2 KB 704ms
378ms Image
image/svg+xml 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_Pinterest.svg?h=45&w=45

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

617238ba317a7df75057cb94382232aa54771b868b930084f811c067facc8cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit18012
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 950

GET
H/1.1 200
OK Icon_LinkedIn.svg
onlinebanking.becu.org/becubankingweb/images/ 558 B
1 KB 696ms
370ms Image
image/svg+xml 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_LinkedIn.svg?h=45&w=45

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

aec961554eb286c5987fa7fab0e14ce809769451c8f29a86a939905bf4fcacbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 558

GET
H/1.1 200
OK Icon_YouTube.svg
onlinebanking.becu.org/becubankingweb/images/ 556 B
1 KB 857ms
530ms Image
image/svg+xml 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_YouTube.svg?h=45&w=45

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Resource Hash

533b8aa165bcc0eb9bf9950fd6e3eaed779c01fdf3a977780793bcc734398b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 556

GET
H/1.1 200
OK Icon_EHOL.png
onlinebanking.becu.org/becubankingweb/images/ 6 KB
6 KB 703ms
385ms Image
image/png 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_EHOL.png

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

7e2f8c0c858a03425096e2158d00ea6f8965cbdd36bc40bc51b7862f85f8558e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit17006
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
Server: Microsoft-IIS/10.0
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 6099

GET
H/1.1 200
OK Icon_NCUA.png
onlinebanking.becu.org/becubankingweb/images/ 7 KB
8 KB 860ms
534ms Image
image/png 107.162.177.191
DEFENSE-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.becu.org/becubankingweb/images/Icon_NCUA.png

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/login.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

107.162.177.191 , United States, ASN55002 (DEFENSE-NET, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

88670f18763ad6b0a9c935368618718668149f7b196213daa8caa078453876bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 dca1-bit12032
Last-Modified: Mon, 01 May 2023 21:39:14 GMT
Server: Microsoft-IIS/10.0
ETag: "06d895f757cd91:0"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 7540

GET
H/1.1 404
Not Found AccessibilityShims.js
bacumembr.icu/BECUBankingWeb/Scripts/ 0
0 166ms
165ms Script
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/BECUBankingWeb/Scripts/AccessibilityShims.js
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/login.php
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/login.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK css
fonts.googleapis.com/ 4 KB
1 KB 63ms
36ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Lato:400,300,400italic,700,700italic,900

Requested by

Host: bacumembr.icu
URL: http://bacumembr.icu/css/style.css

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2f24280905e712626dfae26af1538771588f5b56f657ea04e0f4f45afc3d3b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fr-FR,fr;q=0.9
Referer: http://bacumembr.icu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 17:02:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Mon, 19 Jun 2023 17:02:07 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 19 Jun 2023 17:02:07 GMT

GET
H/1.1 404
Not Found 358A1A_3_0.woff2
bacumembr.icu/css/webfonts/ 0
0 168ms
168ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_3_0.woff2
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found becu-icons.woff
bacumembr.icu/css/fonts/ 0
0 170ms
169ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/fonts/becu-icons.woff
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 54ms
27ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300,400italic,700,700italic,900

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Fri, 16 Jun 2023 11:40:10 GMT
X-Content-Type-Options: nosniff
Age: 278517
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23040
X-XSS-Protection: 0
Last-Modified: Tue, 02 May 2023 15:07:25 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sat, 15 Jun 2024 11:40:10 GMT

GET
H/1.1 404
Not Found 358A1A_9_0.woff2
bacumembr.icu/css/webfonts/ 0
0 170ms
169ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_9_0.woff2
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_0_0.woff2
bacumembr.icu/css/webfonts/ 0
0 178ms
165ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_0_0.woff2
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 54ms
27ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Lato:400,300,400italic,700,700italic,900

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Sat, 17 Jun 2023 09:32:19 GMT
X-Content-Type-Options: nosniff
Age: 199788
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 23580
X-XSS-Protection: 0
Last-Modified: Tue, 02 May 2023 15:17:22 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Sun, 16 Jun 2024 09:32:19 GMT

GET
H/1.1 404
Not Found 358A1A_1_0.woff2
bacumembr.icu/css/webfonts/ 0
0 334ms
167ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_1_0.woff2
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_3_0.woff
bacumembr.icu/css/webfonts/ 0
0 164ms
162ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_3_0.woff
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found becu-icons.ttf
bacumembr.icu/css/fonts/ 0
0 167ms
167ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/fonts/becu-icons.ttf
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_9_0.woff
bacumembr.icu/css/webfonts/ 0
0 164ms
163ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_9_0.woff
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_0_0.woff
bacumembr.icu/css/webfonts/ 0
0 166ms
166ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_0_0.woff
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_3_0.ttf
bacumembr.icu/css/webfonts/ 0
0 167ms
166ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_3_0.ttf
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_1_0.woff
bacumembr.icu/css/webfonts/ 0
0 175ms
175ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_1_0.woff
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_9_0.ttf
bacumembr.icu/css/webfonts/ 0
0 167ms
166ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_9_0.ttf
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_0_0.ttf
bacumembr.icu/css/webfonts/ 0
0 171ms
171ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_0_0.ttf
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found 358A1A_1_0.ttf
bacumembr.icu/css/webfonts/ 0
0 169ms
167ms Font
text/html 66.151.169.12
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: http://bacumembr.icu/css/webfonts/358A1A_1_0.ttf
Requested by: Host: bacumembr.icu
URL: http://bacumembr.icu/css/style2.css
Protocol: HTTP/1.1
Server: 66.151.169.12 Los Angeles, United States, ASN13790 (INTERNAP-BLK3, US),
Reverse DNS: againwhich.sapientvoids.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: http://bacumembr.icu/css/style2.css
Origin: http://bacumembr.icu
accept-language: fr-FR,fr;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 17:02:07 GMT
content-encoding: gzip
server: LiteSpeed
connection: Keep-Alive
content-length: 231
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BECU Credit Union (Financial)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			bacumembr.icu/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3lm5bogrsnv77upea11v20v4jl

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://bacumembr.icu/BECUBankingWeb/Scripts/becu_common.js?cache Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/BECUBankingWeb/Scripts/becu_common.js?async Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/BECUBankingWeb/Scripts/AccessibilityShims.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_3_0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/fonts/becu-icons.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_9_0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_0_0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_3_0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_1_0.woff2 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_9_0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/fonts/becu-icons.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_0_0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_3_0.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_9_0.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_1_0.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_0_0.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://bacumembr.icu/css/webfonts/358A1A_1_0.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bacumembr.icu
fonts.googleapis.com
fonts.gstatic.com
onlinebanking.becu.org
107.162.177.191
2a00:1450:4001:809::2003
2a00:1450:4001:828::200a
66.151.169.12
1e554c21fc3503f9d06cba399b2627da518c93115e0701472dbca76f82de6fd8
235b57c1397a0b1e2ddf5a3d153a56b2ded692ad6c08e4d09525f30228f728f3
2f24280905e712626dfae26af1538771588f5b56f657ea04e0f4f45afc3d3b89
37d7cfe6df3b924bfaf33320ffd526cc558d3c693f63241d90bde8133f8105a7
3825d71c27d5eafbe738ed4188b31d4d12e9b5a7a56e88c8bf9fa5aceff75674
517ccec038ddf888146f0508f7eac214cbbf1a133701fc208ea0328b1bff9944
533b8aa165bcc0eb9bf9950fd6e3eaed779c01fdf3a977780793bcc734398b1c
61240f732ea88f32bcd3e1b898afb394c700b4885fa4c8a02343f254ac917d34
617238ba317a7df75057cb94382232aa54771b868b930084f811c067facc8cdd
79bdefee2f0f239d339054f9606f8c9d828f326fb519542526f795fe6f5a1f2d
7e2f8c0c858a03425096e2158d00ea6f8965cbdd36bc40bc51b7862f85f8558e
8278a26d76affc3ec5de77cb8c69af07fe5efd2d52ee0c048f4a8649b627f804
88670f18763ad6b0a9c935368618718668149f7b196213daa8caa078453876bc
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
aec961554eb286c5987fa7fab0e14ce809769451c8f29a86a939905bf4fcacbc
b39b06ef60f5da00f67b12af25fdcbcd3e32ef2cf296e62b355cd895022a0864
c25e1eb12d082ca91060a9f463cad441e8efe5687ecb0b6d946219eb683ce42a
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

bacumembr.icu Open in urlscan Pro 66.151.169.12 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

34 %HTTPS

50 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

128 kBTransfer

355 kBSize

1 Cookies

25 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bacumembr.icu Open in urlscan Pro
66.151.169.12 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

34 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

128 kB
Transfer

355 kB
Size

1
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!