rbfcus.com Open in urlscan Pro
2606:4700:3037::6815:4f46 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://rbfcus.com/
Submission: On December 23 via api (December 23rd 2022, 4:04:01 am UTC) from JP — Scanned from JP

Summary HTTP 13 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3037::6815:4f46, located in United States and belongs to CLOUDFLARENET, US. The main domain is rbfcus.com.

This is the only time rbfcus.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Randolph Brooks Federal Credit Union (Banking)

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3037::6815:4f46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
13	2

12 2606:4700:3037::6815:4f46 (United States)

ASN13335 (CLOUDFLARENET, US)

rbfcus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	rbfcus.com rbfcus.com	123 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	31 KB
13	2

	Domain	Requested by
12	rbfcus.com	rbfcus.com
1	code.jquery.com	rbfcus.com
13	2

This site contains links to these domains. Also see Links.

Domain
www.rbfcu.org

Subject Issuer	Validity	Valid
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://rbfcus.com/
Frame ID: 2A740AE25DC9669812D33C25986B0F89
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RBFCU - Sign In

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

8 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

154 kB
Transfer

521 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rbfcu.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response rbfcus.com/	62 KB 12 KB	518ms 504ms	Document text/html	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e20ad01a389913b4bc242fbc50c644aaa4b89f4bf113614adf6bf2cc37338329` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 77de35cf0eab80bd-NRT Connection keep-alive Content-Encoding gzip Content-Type text/html Date Fri, 23 Dec 2022 04:03:55 GMT Last-Modified Tue, 08 Nov 2022 15:38:23 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9FAZCG%2BnaKl2eyPL1sPRWaHmMfVpcyJy3bBpo1TqBFznY8NojA8WIVxHZu3MKaA6RirZ9J8F67qik5FN5VZV0OOp0iqXKqFJ5Y0q7dmKwmuIcCkBwccLXgqOztzxIlrGniemb%2FkLUtC"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	icon rbfcus.com/index_files/	569 B 1 KB	252ms 252ms	Stylesheet application/octet-stream	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/index_files/icon Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT CF-Cache-Status DYNAMIC Last-Modified Tue, 08 Nov 2022 14:01:02 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "636a611e-239" Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqJwqc%2BqFgJ%2Bc7GQra31f%2F238gk5pcznWBBGpsrKhPbYcDeC%2FiL1WpETYSw25h4wPH3EFtv4IostjkBWnI%2B2pJICbFD7Nmp5N3Wlbok%2FknISZtHG%2BwKJxVxrTUU2jFKSQYr5PbjXm1kC"}],"group":"cf-nel","max_age":604800} Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes CF-RAY 77de35d238ef80bd-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 569
GET H/1.1	200 OK	css rbfcus.com/index_files/	25 KB 26 KB	473ms 471ms	Stylesheet application/octet-stream	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/index_files/css Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3b685fc80761bded5bdd110ea99d3dbd545712c919e85562d07a1bb9cd5192d4` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT CF-Cache-Status DYNAMIC Last-Modified Tue, 08 Nov 2022 14:01:02 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "636a611e-6388" Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6rb3RxEkJFwYK8vjUpz2U%2Bq4lNFPE0yYmqTKFFqdwhrOPoUz9zlmAabtXtk2UG9TmY0F8swf%2FaJf%2FF%2BUHwivQaR1nWdSEVOBpqSFEleoUbCuZyuv%2B2C%2B7lg8vkJDMvZbfLF6s1habUIn"}],"group":"cf-nel","max_age":604800} Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes CF-RAY 77de35d239fbaf91-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 25480
GET H/1.1	200 OK	chat-bundle.css rbfcus.com/index_files/	509 B 1001 B	501ms 499ms	Stylesheet text/css	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/index_files/chat-bundle.css Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c6beefa602ca964349befc6959bfd33792a22cf5d9b32122584abf8f7b3aeed5` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT Content-Encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Tue, 08 Nov 2022 14:01:04 GMT Server cloudflare ETag W/"636a6120-1fd" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xdl1kSvaFHx1nTlRiKAKoYboeKfV6ed6vfNvt44wTFPqzNyxy2UVXDp69Rjgju5kADiXC1UopsDGi0OmhbIuPyHGpW5PPbQOSrkLQ9fBQPlNJioGSGvx%2FqaiuF0WDJvhtbQ5J0kf1kHA"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 77de35d23eadf61d-NRT Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	styles.1093ad5e9c1bed3ed1d8.css rbfcus.com/index_files/	225 KB 38 KB	17ms 15ms	Stylesheet text/css	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/index_files/styles.1093ad5e9c1bed3ed1d8.css Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ffb70eb1b3d03a213e07d281dd425b34bd4e99bdf0823f937b97e0318272ffae` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:55 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 65676 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Tue, 08 Nov 2022 14:01:04 GMT Server cloudflare ETag W/"636a6120-38265" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsGE3pySHIr4Sy4dmCVY%2FVeTZc1I%2BseACyRAjvU4jv6T9Blq%2FY%2B5Pry7EQHCCkGJy%2B2oLDqwc9ZKnsnJrH9HzEabq%2Fn6ee48lhyY4Xy%2Bl0y6Mwj1fxYIpQxUF7EWc6RatopIzbI65Oit"}],"group":"cf-nel","max_age":604800} Content-Type text/css Cache-Control max-age=315360000 CF-RAY 77de35d23bb4e39f-NRT Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	css(1) rbfcus.com/index_files/	10 KB 11 KB	489ms 486ms	Stylesheet application/octet-stream	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/index_files/css(1) Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT CF-Cache-Status DYNAMIC Last-Modified Tue, 08 Nov 2022 14:01:04 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare ETag "636a6120-2950" Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BvJVcH5lifoYHnr%2FIE0EQMzjeIRVCTNcqXlqj79hFrU5FmlhV2cdk13%2FteTFqLRCVvUNG4%2B%2BlerwdaApWxuXZm5O9cnoqPTiHmFZPU6OqPdCQnLehEkVfOxwhP7TWBN4SJE30LwQDUu"}],"group":"cf-nel","max_age":604800} Content-Type application/octet-stream Connection keep-alive Accept-Ranges bytes CF-RAY 77de35d23b41e05a-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 10576
GET H/1.1	404 Not Found	common.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F rbfcus.com/index_files/	0 0	523ms 521ms	Script text/html	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/index_files/common.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kj%2FjOW%2BHMAgQZhV3cd7gU5fbhojlHB2gilfs2DRE%2FX1s6ocTiRlILk540I7%2B3eeMMTBVB9bTPcZqICT7uL1bAc0T%2ByOBJxC%2FngkjHNXZX3gEY3Qd%2BIa6g8jU2XaNzAg%2F6MyLHaoDX0br"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding Connection keep-alive CF-RAY 77de35d23a62340e-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	util.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F rbfcus.com/index_files/	0 0	532ms 514ms	Script text/html	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://rbfcus.com/index_files/util.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpgVWs5kC3C3gVpdPvdrz%2FuU9SJgG5vWWNUcxlMUDbhPMFlsFBVzfdLiv445m9PWydg97fvp4EX%2BonajuQCMB1xRY6TzpWp4BEUegczrIqyAqdUV4aVv5GIPppcQ1NT14AtSA2SYmrau"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding Connection keep-alive CF-RAY 77de35d25bc5e39f-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	rbfcu-logo.svg rbfcus.com/index_files/	5 KB 3 KB	10ms 10ms	Image image/svg+xml	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://rbfcus.com/index_files/rbfcu-logo.svg Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 51299 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Tue, 08 Nov 2022 14:01:05 GMT Server cloudflare ETag W/"636a6121-1507" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FbKIzhDHig6lgVEew6Ixgszj61QsSiAvRRvgx1Hl5UYW04D13HdPucff9U1m84DPT8JsUSiwlOPP%2FvGXelNyvcGSwijYvyON%2BZVzix%2FUCnXZUrCmBM4gHsNz8xR4Wbhm4Y5o8OVOMOlh"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=315360000 CF-RAY 77de35d69edaaf91-NRT Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	NCUA-logo-gray.svg rbfcus.com/index_files/	102 KB 28 KB	11ms 11ms	Image image/svg+xml	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://rbfcus.com/index_files/NCUA-logo-gray.svg Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3dff3ca4b7e7bdeb6a9ee2c92c7141a270ab5f2373304299a99339ef96454759` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 65676 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Tue, 08 Nov 2022 14:01:05 GMT Server cloudflare ETag W/"636a6121-19884" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YcWsjAM0MxCdvhKh79VNic%2FYZsWhqCBt750LZ6EQfE3JyKI3oZ7esoLCZtRG49MSwgPnPCHBIy8V6YQ%2FKBLZqjlotFTsIUEgOJdVCsZos33YfbLIj5nlnxtxOM99h%2BzAaRYW8Fo0qXM"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=315360000 CF-RAY 77de35d6981ae39f-NRT Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H/1.1	200 OK	EHL-logo-gray.svg rbfcus.com/index_files/	2 KB 1 KB	13ms 13ms	Image image/svg+xml	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://rbfcus.com/index_files/EHL-logo-gray.svg Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8113eb956366da6d18ed13faa5cc8e9a459c09cdcf41c2619c80828d4ac2b152` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 43235 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Tue, 08 Nov 2022 14:01:05 GMT Server cloudflare ETag W/"636a6121-64d" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mmlDidPi7u1QfqHLE61XCVafUB54EGEs8O4pGhBJ1GfsPNhZ6cv2kLSoQlNnjEvpDe%2Ft1nm8w5RtPnf5T1GZWHWns%2Bqw8xrgUQEUtCHqGXpkAYCbd7PBP046ejJ0tCv886aM%2BXf6aOy"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=315360000 CF-RAY 77de35d69d82340e-NRT Expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery-3.6.1.min.js Show response code.jquery.com/	88 KB 31 KB	339ms 112ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.1.min.js Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash `a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 23 Dec 2022 04:03:56 GMT content-encoding gzip x-sp-metadata HS256.CLztlJ0GEo0BCiQxMTZlMmNjYi00MjUwLTQzNGMtYTg5ZS0xYTZmZGFjY2RmMGYQ+OiCoKvU+wIaBgis0ZSdBiISMjAwMTphYzg6NDA6YjM6OjNlKOjjAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkM2NhNGRiNzgtZDJiOC00MjkwLWIxOTQtYzRhZjEyNDNiYjM0GO3xASIYCAISFGNkczAzMS5zajMuaHdjZG4ubmV0.5Lnc4mIS9/1ZWvor7XSV2q03K/UnwojfTQ5Y1rrLfrQ= last-modified Fri, 26 Aug 2022 17:36:05 GMT server nginx etag W/"63090485-15e40" vary Accept-Encoding x-hw 1671768236.dop123.sj3.t,1671768236.cds211.sj3.hn,1671768236.cds031.sj3.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30957
GET H/1.1	200 OK	white-phone-header.8a484898163483972d21.svg rbfcus.com/	2 KB 1 KB	9ms 9ms	Image image/svg+xml	2606:4700:3037::6815:4f46 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://rbfcus.com/white-phone-header.8a484898163483972d21.svg Requested by Host: rbfcus.com URL: http://rbfcus.com/ Protocol HTTP/1.1 Server 2606:4700:3037::6815:4f46 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2c0b8abef50020a91c0b8f07a8478c65eea5bd77446467b9a44ae1b1d98828b7` Request headers accept-language jp-JP,jp;q=0.9 Referer http://rbfcus.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 23 Dec 2022 04:03:56 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 48347 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Last-Modified Tue, 08 Nov 2022 14:04:04 GMT Server cloudflare ETag W/"636a61d4-675" Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDOgaPLGESXKkoxq3SpHEO435%2FZq0ZIG0hzlAyySGzIZCDNTASbIqLC1DPkMSsQBonBbAY9YPqLvc2GSnZKz3p%2F7DMxP84jFFLODgJPv7cL5pm2pH94cbkoxKOR5nqf1BOAOrwFItDVM"}],"group":"cf-nel","max_age":604800} Content-Type image/svg+xml Cache-Control max-age=315360000 CF-RAY 77de35d6a9baf61d-NRT Expires Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Randolph Brooks Federal Credit Union (Banking)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://rbfcus.com/index_files/common.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://rbfcus.com/index_files/util.js.%D0%91%D0%B5%D0%B7%20%D0%BD%D0%B0%D0%B7%D0%B2%D0%B0%D0%BD%D0%B8%D1%8F Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
rbfcus.com
2001:4de0:ac18::1:a:3b
2606:4700:3037::6815:4f46
09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884
2c0b8abef50020a91c0b8f07a8478c65eea5bd77446467b9a44ae1b1d98828b7
3b685fc80761bded5bdd110ea99d3dbd545712c919e85562d07a1bb9cd5192d4
3dff3ca4b7e7bdeb6a9ee2c92c7141a270ab5f2373304299a99339ef96454759
6c4133ff5eff0f23ca2f6fdaceea1d4dd3a91e499a0b0aef688b0f31206b0328
8113eb956366da6d18ed13faa5cc8e9a459c09cdcf41c2619c80828d4ac2b152
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
c6beefa602ca964349befc6959bfd33792a22cf5d9b32122584abf8f7b3aeed5
e20ad01a389913b4bc242fbc50c644aaa4b89f4bf113614adf6bf2cc37338329
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
ffb70eb1b3d03a213e07d281dd425b34bd4e99bdf0823f937b97e0318272ffae

rbfcus.com Open in urlscan Pro 2606:4700:3037::6815:4f46 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

13 Requests

8 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

154 kBTransfer

521 kBSize

0 Cookies

1 Outgoing links

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

rbfcus.com Open in urlscan Pro
2606:4700:3037::6815:4f46 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

8 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

154 kB
Transfer

521 kB
Size

0
Cookies

13 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!