www.als-trading.co.uk
2606:4700:3032::ac43:96cb
Malicious Activity!
Public Scan
Effective URL: https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/
Submission: On January 15 via manual from GB
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.
This is the only time www.als-trading.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banca Comercială Română (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
19 (2 redirects) | 2606:4700:3032::ac43:96cb | 13335 (CLOUDFLARENET) |
3 | 213.150.17.10 | 12895 (IT-AUSTRIA Vienna) |
24 | 3 |

Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
19 | als-trading.co.uk (2 redirects): www.als-trading.co.uk | 1 MB |
3 | bcr.ro: login.bcr.ro | 3 KB |
24 | 2 |

Requests | Domain | Requested by |
---|---|---|
19 | www.als-trading.co.uk (2 redirects) | www.als-trading.co.uk |
3 | login.bcr.ro | www.als-trading.co.uk |
24 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-08-08 - 2021-08-08 | a year |
api.bcr.ro | DigiCert SHA2 Secure Server CA | 2020-01-27 - 2022-01-27 | 2 years |
This page contains 1 frame:
Primary Page:
https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/
Frame ID: 56BD3FCFFEB334F210F3CD62F92A9D84
Requests: 24 HTTP requests in this frame
Page URL History
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/ HTTP 302
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac HTTP 301
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ Page URL
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac//loading.47bfb4f992f1024a970b.svg HTTP 301
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/loading.47bfb4f992f1024a970b.svg
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac//open-sans-v14-latin_latin-ext-regular.ac497cd0d254e9d64907.woff2 HTTP 301
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/open-sans-v14-latin_latin-ext-regular.ac497cd0d254e9d64907.woff2
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac//open-sans-v14-latin_latin-ext-600.9ccfcd076680405b75f2.woff2 HTTP 301
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/open-sans-v14-latin_latin-ext-600.9ccfcd076680405b75f2.woff2
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac//open-sans-v14-latin_latin-ext-700.ab595f19034d0add69e3.woff2 HTTP 301
- https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/open-sans-v14-latin_latin-ext-700.ab595f19034d0add69e3.woff2
24 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H2 | / (Primary Request) | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ (Redirect Chain) | 73 KB | 11 KB | Document | text/html |
GET H2 | ho74yr2o6su3unsluqs2u47vagy6dn5etopjzt7xd68qp89ckgdr3pwbqsyotrdd.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 211 KB | 83 KB | Script | application/javascript |
GET H2 | styles.b1be9701dd2e12270035.css | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 729 KB | 97 KB | Stylesheet | text/css |
GET H2 | 2.084717e20912fc2bdd1f.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 53 KB | 16 KB | Script | application/javascript |
GET H2 | common.038c43a463230cbc476f.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 316 B | 522 B | Script | application/javascript |
GET H2 | 6.891f746a22d349a02fcc.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 229 KB | 35 KB | Script | application/javascript |
GET H2 | logoBlue.png | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 3 KB | 3 KB | Image | image/png |
GET H2 | united-kingdom-uk.svg | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 1 KB | 874 B | Image | image/svg+xml |
GET H2 | username-input.svg | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 571 B | 681 B | Image | image/svg+xml |
GET H2 | logo-bcr.svg | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 1 KB | 984 B | Image | image/svg+xml |
GET H2 | animated_george_ro.gif | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 570 KB | 571 KB | Image | image/gif |
GET H2 | runtime.7a607382276728ce042d.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 2 KB | 1 KB | Script | application/javascript |
GET H2 | polyfills.e4a742ab71075584ffd1.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 150 KB | 48 KB | Script | application/javascript |
GET H2 | scripts.ca0c8f19b236cc615cde.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 204 KB | 61 KB | Script | application/javascript |
GET H2 | main.7050b10cea8b7c3bfbb9.js.t%C3%A9l%C3%A9chargement | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac// | 925 KB | 218 KB | Script | application/javascript |
GET H2 | left-arrow.f92e3e7d8ebe9772551f.svg | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ | 28 KB | 28 KB | Image | text/html |
GET H2 | loading.47bfb4f992f1024a970b.svg | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ | 28 KB | 28 KB | Image | text/html |
GET | loading.47bfb4f992f1024a970b.svg | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ (Redirect Chain) | 0 | 0 | | |
GET | open-sans-v14-latin_latin-ext-regular.ac497cd0d254e9d64907.woff2 | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ (Redirect Chain) | 0 | 0 | | |
GET | open-sans-v14-latin_latin-ext-600.9ccfcd076680405b75f2.woff2 | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ (Redirect Chain) | 0 | 0 | | |
GET | open-sans-v14-latin_latin-ext-700.ab595f19034d0add69e3.woff2 | www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/ (Redirect Chain) | 0 | 0 | | |
POST H/1.1 | 594na9gg5ieuhhqr8fj1 | login.bcr.ro/E3TeyPXjr/ | 196 B | 1 KB | XHR | text/html |
POST H/1.1 | 594na9gg5ieuhhqr8fj1 | login.bcr.ro/E3TeyPXjr/ | 72 B | 1017 B | XHR | text/html |
POST H/1.1 | 594na9gg5ieuhhqr8fj1 | login.bcr.ro/E3TeyPXjr/ | 0 | 945 B | XHR | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
www.als-trading.co.uk | https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/loading.47bfb4f992f1024a970b.svg |
www.als-trading.co.uk | https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/open-sans-v14-latin_latin-ext-regular.ac497cd0d254e9d64907.woff2 |
www.als-trading.co.uk | https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/open-sans-v14-latin_latin-ext-600.9ccfcd076680405b75f2.woff2 |
www.als-trading.co.uk | https://www.als-trading.co.uk/wp-includes/fonts/bcr/f1ababf130ee6a25f12da7478af8f1ac/open-sans-v14-latin_latin-ext-700.ab595f19034d0add69e3.woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banca Comercială Română (Banking)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.