alert-navyfederal.web.app
Category: Hosting, Phishing
To use full-featured product, you have to purchase a license for Combo Cleaner. Limited seven days free trial available. Combo Cleaner is owned and operated by RCS LT, the parent company of PCRisk.com.
Description of alert-navyfederal.web.app
This domain appears to be a page hosted on the web.app platform, which is commonly used for cloud-hosted web applications and landing pages. Based on the page title and meta description, it presents itself as related to Navy Federal Credit Union and references services for military members, veterans, and Department of Defense personnel. The domain string combines the word "alert" with "navyfederal," which suggests it may be intended to look associated with that financial institution rather than serving as an official primary domain.
Available classification data associates the page with financial services, while other sources categorize it as hosting or phishing-related. The screenshot shows a sparse loading-style page rather than a fully rendered banking interface, which may indicate a temporary landing page, incomplete content load, or a staged imitation page. Based on the domain structure and branding cues, the site appears to be attempting to represent or reference Navy Federal rather than operating under the institution's known main web presence.
Safety Assessment for alert-navyfederal.web.app
Several security signals indicate elevated risk at the time of this scan. The domain was flagged by 14 out of 91 security engines, with multiple detections describing the page as phishing-related. In addition, the page title and metadata reference a major financial institution, but the site is hosted on a third-party web.app subdomain rather than an apparent official banking domain. That mismatch is a common warning sign for credential-harvesting or brand-impersonation pages.
Blacklist and reputation data were mixed rather than fully clean. Major content-malice databases shown here did not detect threats at the time of this scan, but the domain's IP address was listed on one mail-reputation blocklist, and one additional blacklist source also returned a listing. The malware scan did not identify confirmed malicious files, though it did apply a generic malicious label to the domain and several linked assets, which may reflect heuristic pattern matching rather than a confirmed payload.
The strongest concern is the apparent imitation of a financial brand on an unrelated hosted subdomain, combined with multi-engine phishing detections and a very low published trust score. Based on these findings, this website may pose potential risks to visitors.
Technical Description
The site uses a valid TLS certificate issued through Google Trust Services and is hosted on Google LLC infrastructure at IP address 199.36.158.100. The domain uses Google nameservers and appears to be deployed as a hosted application on the web.app platform. DNSSEC is unsigned, which is not uncommon but does mean DNS responses do not benefit from that additional integrity layer.
From a security-review perspective, the main technical concern is not the certificate itself but the hosting context and branding mismatch: a cloud-hosted subdomain presenting financial-institution branding can be consistent with impersonation campaigns. The scan also noted a mail-reputation blocklist hit on the IP and generic heuristic flags on several static assets, though those asset names resemble standard web application files rather than clearly named malware components.
Share your experience with this website. Was it safe? Did you encounter any issues?