www.wart.ro
89.33.25.62
Malicious Activity!
Public Scan
Effective URL: http://www.wart.ro/Valleystrong/main/login.php?NESIN=5f44cc33aa76fc15588466b9b13065c6&p=main&session=1651675205
Submission: On May 04 via manual from US — Scanned from DE
Summary
This is the only time www.wart.ro was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Valley Strong Credit Union (Financial)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
24 (2 redirects) | 89.33.25.62 | 205275 (ROMARG HOSTING)
1 | 2a00:1450:4001:80f::200a | 15169 (GOOGLE)
2 | 2600:9000:2490:a000:4:819e:800:93a1 | 16509 (AMAZON-02)
2 | 2a00:1450:4001:802::2003 | 15169 (GOOGLE)
Total: 27 | 4 IPs |
ASN16509 (AMAZON-02, US): assets.orb.alkamitech.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
24 | wart.ro | www.wart.ro (2 redirects) | 204 KB
2 | gstatic.com | fonts.gstatic.com | 32 KB
2 | alkamitech.com | assets.orb.alkamitech.com (Cisco Umbrella Rank: 34608) | 51 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 111) | 1 KB
Total: 27 | 4 apex domains | |
Requests | Domain | Requested by
---|---|---
24 | www.wart.ro (2 redirects) | www.wart.ro
2 | fonts.gstatic.com | fonts.googleapis.com
2 | assets.orb.alkamitech.com | www.wart.ro, assets.orb.alkamitech.com
1 | fonts.googleapis.com | www.wart.ro
Total: 27 | 4 domains |
This site contains links to these domains. Also see Links.
Domain |
---|
www.apple.com |
play.google.com |
Subject | Issuer | Validity | Valid
---|---|---|---
upload.video.google.com | GTS CA 1C3 | 2022-04-18 - 2022-07-11 | 3 months
*.orb.alkamitech.com | Entrust Certification Authority - L1K | 2022-01-03 - 2023-01-03 | a year
*.gstatic.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
This page contains 1 frame:
Primary Page:
http://www.wart.ro/Valleystrong/main/login.php?NESIN=5f44cc33aa76fc15588466b9b13065c6&p=main&session=1651675205
Frame ID: E83E11E6059456C35756DACB8C1974DF
Requests: 27 HTTP requests in this frame
Page Title: Login
Detected technologies
PHP (Programming Languages)
Detected patterns
- \.php(?:$|\?)
ZURB Foundation (Web Frameworks)
Detected patterns
- <link[^>]+foundation[^>"]+css
Vue.js (JavaScript Frameworks)
Detected patterns
- <[^>]+\sdata-v(?:ue)?-
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
http://www.wart.ro/Valleystrong/index.php (HTTP 302)
http://www.wart.ro/Valleystrong/main/ (HTTP 302)
http://www.wart.ro/Valleystrong/main/login.php?NESIN=5f44cc33aa76fc15588466b9b13065c6&p=main&session=1651675205 (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | login.php (Primary Request, Redirect Chain) | www.wart.ro/Valleystrong/main/ | 55 KB | 7 KB | Document | text/html
GET | H2 | css | fonts.googleapis.com/ | 6 KB | 1 KB | Stylesheet | text/css
GET | H2 | font-icons.css | assets.orb.alkamitech.com/production/icons/ValleyStrongCU/font/ | 113 KB | 9 KB | Stylesheet | text/css
GET | H/1.1 | yui-reset.min.css | www.wart.ro/Valleystrong/main/files/ | 793 B | 735 B | Stylesheet | text/css
GET | H/1.1 | jquery-ui.min.css | www.wart.ro/Valleystrong/main/files/ | 31 KB | 8 KB | Stylesheet | text/css
GET | H/1.1 | jquery.daterangepicker.min.css | www.wart.ro/Valleystrong/main/files/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | ext-all.min.css | www.wart.ro/Valleystrong/main/files/ | 123 KB | 18 KB | Stylesheet | text/css
GET | H/1.1 | base.min.css | www.wart.ro/Valleystrong/main/files/ | 197 KB | 32 KB | Stylesheet | text/css
GET | H/1.1 | grid.min.css | www.wart.ro/Valleystrong/main/files/ | 6 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | sidebar.min.css | www.wart.ro/Valleystrong/main/files/ | 3 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | iris.shim.desktop.min.css | www.wart.ro/Valleystrong/main/files/ | 673 B | 669 B | Stylesheet | text/css
GET | H/1.1 | iris.min.css | www.wart.ro/Valleystrong/main/files/ | 95 KB | 14 KB | Stylesheet | text/css
GET | H/1.1 | iris-foundation.min.css | www.wart.ro/Valleystrong/main/files/ | 50 KB | 7 KB | Stylesheet | text/css
GET | H/1.1 | iris-components.shim.desktop.min.css | www.wart.ro/Valleystrong/main/files/ | 1 KB | 890 B | Stylesheet | text/css
GET | H/1.1 | iris-components.min.css | www.wart.ro/Valleystrong/main/files/ | 185 KB | 18 KB | Stylesheet | text/css
GET | H/1.1 | isotope.1.5.3.min.css | www.wart.ro/Valleystrong/main/files/ | 5 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | Authentication-Isotope.min.css | www.wart.ro/Valleystrong/main/files/ | 2 KB | 933 B | Stylesheet | text/css
GET | H/1.1 | theme.desktop.min.css | www.wart.ro/Valleystrong/main/files/ | 46 KB | 8 KB | Stylesheet | text/css
GET | H/1.1 | fi.desktop.min.css | www.wart.ro/Valleystrong/main/files/ | 50 KB | 10 KB | Stylesheet | text/css
GET | H/1.1 | Logo.png | www.wart.ro/Valleystrong/main/files/ | 33 KB | 33 KB | Image | image/png
GET | H/1.1 | app-store-badge.svg | www.wart.ro/Valleystrong/main/files/ | 11 KB | 4 KB | Image | image/svg+xml
GET | H/1.1 | google-play-badge.svg | www.wart.ro/Valleystrong/main/files/ | 9 KB | 4 KB | Image | image/svg+xml
GET | H/1.1 | jquery.min.js | www.wart.ro/Valleystrong/main/files/ | 84 KB | 29 KB | Script | application/javascript
GET | H/1.1 | print.min.css | www.wart.ro/Valleystrong/main/files/ | 8 KB | 2 KB | Stylesheet | text/css
GET | H2 | Alkami.woff2 | assets.orb.alkamitech.com/production/icons/ValleyStrongCU/font/ | 41 KB | 42 KB | Font | font/woff2
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v29/ | 15 KB | 16 KB | Font | font/woff2
GET | H2 | KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | fonts.gstatic.com/s/roboto/v29/ | 15 KB | 16 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Valley Strong Credit Union (Financial)
8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | oncontextlost
object | oncontextrestored
function | structuredClone
function | $
function | jQuery
function | postrez
object | urlx
string | SesIN0
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.