www.als-trading.co.uk Open in urlscan Pro
2606:4700:3032::ac43:96cb Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://smarttservis.sk/cgi-bin
Effective URL:
https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Submission: On March 28 via manual (March 28th 2021, 4:57:01 pm UTC) from SK

Summary HTTP 13 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3032::ac43:96cb, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.als-trading.co.uk.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.

This is the only time www.als-trading.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Vub Banka (Banking)

Domain & IP information

	IP Address	AS Autonomous System
3 3	2606:4700:303... 2606:4700:3036::ac43:b073	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 14	2606:4700:303... 2606:4700:3032::ac43:96cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.140.233.34 72.140.233.34	54412 (RCC-GRANI...) (RCC-GRANITE-1)
13	3

3 2606:4700:3036::ac43:b073 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

smarttservis.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3032::ac43:96cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

www.als-trading.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.140.233.34 (Canada)

ASN54412 (RCC-GRANITE-1, CA)
PTR: unallocated-static.datacentres.rogers.com

seal.entrust.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	als-trading.co.uk 2 redirects www.als-trading.co.uk	1 MB
3	smarttservis.sk 3 redirects smarttservis.sk	2 KB
1	entrust.net seal.entrust.net	8 KB
13	3

	Domain	Requested by
14	www.als-trading.co.uk	2 redirects www.als-trading.co.uk
3	smarttservis.sk	3 redirects
1	seal.entrust.net	www.als-trading.co.uk
13	3

This site contains links to these domains. Also see Links.

Domain
www.vub.sk
nib.vub.sk
www.entrust.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-08` - `2021-08-08`	a year	crt.sh
seal.entrust.net Entrust Certification Authority - L1M	`2020-03-03` - `2022-06-02`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Frame ID: BCCEC880DA591DFFEF2B53B4FFDD21FE
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://smarttservis.sk/cgi-bin HTTP 301
http://smarttservis.sk/cgi-bin/ HTTP 301
https://smarttservis.sk/cgi-bin/ HTTP 302
https://www.als-trading.co.uk/vub2/ HTTP 302
https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a HTTP 301
https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1427 kB
Transfer

4709 kB
Size

5
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.vub.sk/

Search URL Search Domain Scan URL

URL: https://www.vub.sk/sk/kontakt/
Title: Kontaktujte nás

Search URL Search Domain Scan URL

URL: https://www.vub.sk/sk/informacny-servis/pravne-informacie/
Title: Právne informácie

Search URL Search Domain Scan URL

URL: https://www.vub.sk/elektronicke-bankovnictvo/internet-banking/faq/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://nib.vub.sk/pch/predaj-uctu
Title: Zriadenie prístupu

Search URL Search Domain Scan URL

URL: https://www.vub.sk/informacny-servis/cezhranicna-konverzia
Title: Cezhraničná konverzia

Search URL Search Domain Scan URL

URL: https://www.entrust.net/customer/profile.cfm?domain=nib.vub.sk&lang=en

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://smarttservis.sk/cgi-bin HTTP 301
http://smarttservis.sk/cgi-bin/ HTTP 301
https://smarttservis.sk/cgi-bin/ HTTP 302
https://www.als-trading.co.uk/vub2/ HTTP 302
https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a HTTP 301
https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Redirect Chain

https://smarttservis.sk/cgi-bin
http://smarttservis.sk/cgi-bin/
https://smarttservis.sk/cgi-bin/
https://www.als-trading.co.uk/vub2/
https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a
https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/

33 KB
7 KB

42ms
42ms

Document
text/html

2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a20b793e252cc4fb33ba98d00ff025cccf80d183088652c2f84e6ad6136be48

Request headers

:method: GET
:authority: www.als-trading.co.uk
:scheme: https
:path: /vub2/d360a502598a4b64b936683b44a5523a/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=df40baa8b7d20f280f9135579cfee11371616950598
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
cf-cache-status: DYNAMIC
cf-request-id: 091b5d33d400004abc8c04d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Akm1WB9XuVjNNdZz97h7rdJ8COcAO%2Fp4vn9tslR0nYRu%2FEIen2Ena6ldCps1004vyAWUbyUUvkwTbHEW062HFPCexAGmBuO34GFIaZ6ydHLJCrWDftF7FMZxZl1OzdWH3lY%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63726499582d4abc-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Sun, 28 Mar 2021 16:56:38 GMT
content-type: text/html; charset=iso-8859-1
location: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
cf-cache-status: DYNAMIC
cf-request-id: 091b5d339e00004abca83cd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0pK%2F3cD2tKZuhkIMIALiktpjn%2BKHYpYIh5lBOBrXMlNnu6ufUoCu0PbgqZaBGZ9UHkIY4lrLOC%2FOG2nwVeuz8UfBnCxNX14FuQy222Oz630OV7pU0ZLFo8FQOdkmzFlAlHw%3D"}]}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63726498ff684abc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 external.css
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 312 KB
32 KB 121ms
121ms Stylesheet
text/css 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/external.css
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca5fdfaf4f568a725beb9ba3cc8f6392a1368c0e1a69ff8719a91f293f309cf

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
server: cloudflare
etag: W/"4e0ed-5be9ba60b8241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=O4tLaBNGyGFP0yPDtBNAUSHRdpUD9brf3N4GICy6giWTLOh0X5EkGiNs0bwq8OiGGkM2LcPsVN6ub42QRb32Ej6HiHzr33yJA8f4fGCxXFOFGMpE7HrfgnSjEAnOOrL7zPI%3D"}]}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 6372649998e54abc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091b5d340400004abcc691a000000001

GET
H2 200 vub.css
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 853 KB
173 KB 218ms
218ms Stylesheet
text/css 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/vub.css
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e97deccbeaa32661bfa1faa8c619d01b4d3335c99018866f0957cd7521f42a3

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
server: cloudflare
etag: W/"d52d2-5be9ba60b91e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uOQucO6Oto2wcMIeLGAcWwYzl%2FkQk74h8D1ZcInigNvdilnqk%2Fi9RBIIMfRBhg0WbIK7LxnykMclLfExnW9TZ2y1cXd1C2QYE8m5osetvxysKv0ICIGkPzbRnZ3Vv0u9N9k%3D"}]}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63726499a8e64abc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091b5d340400004abcad1c0000000001

GET
H2 200 api.js Show response
www.als-trading.co.uk/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 9ms
8ms Script
text/javascript 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.als-trading.co.uk/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EaajqLIS0BQRvzvDu2%2FF3EB%2FxtMdN21Aof1wgoIimR%2F8kYZW%2F7UpR6lZUYmbg74Xc%2BwZmDIKslYtm%2F%2BmD2y5xWCmUnGAyV9IVFlfDcIorSX2%2FQLkSsDkRzCjuOXX9cOmFko%3D"}]}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 63726499a8ed4abc-FRA
cf-request-id: 091b5d340500004abcb5285000000001

GET
H2 404 documents
www.als-trading.co.uk/nibr/cms/ 31 KB
31 KB 1156ms
1155ms Image
text/html 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.als-trading.co.uk/nibr/cms/documents?fn=/images/vubweb/multichannel/redesign_nb/login_ib/prelogincommercialimage.png
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dde1243d06d43b7ae132d3f26f82a0e0e884b8d0a03a6d802b9f329f95e036b

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091b5d340500004abcb22f8000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bs%2BC%2B%2B1E6JHsHf6hP%2Bhydji3cWlUqsQpkS02OckEkZWZBTywfi%2F4Nobu1fObS8tcdXftupMWlegnpJLHsWsPEo6ybSNahlnTnu6wbiaoLzIaMd064B5zVxWRZj7NSjwGBm4%3D"}]}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 63726499a8ee4abc-FRA
link: <https://www.als-trading.co.uk/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK entrust_site_seal_xs.png
seal.entrust.net/en/current/ 8 KB
8 KB 1363ms
368ms Image
image/png 72.140.233.34
RCC-GRANITE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://seal.entrust.net/en/current/entrust_site_seal_xs.png

Requested by

Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.140.233.34 , Canada, ASN54412 (RCC-GRANITE-1, CA),

Reverse DNS

unallocated-static.datacentres.rogers.com

Software

Resource Hash

abe216d9c57b8b1e3780182e8a6e015e8a9a68c5a1888879c64a970c17365864

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://www.als-trading.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 28 Mar 2021 16:56:39 GMT
Last-Modified: Thu, 27 Aug 2020 20:00:14 GMT
X-Frame-Options: DENY
Content-Type: image/png
Cache-Control: private
Connection: close
Accept-Ranges: bytes
Content-Length: 7738

GET
H2 200 common.js Show response
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 1 KB
924 B 108ms
107ms Script
application/javascript 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/common.js
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c23a901b12a9e17069c218a824d981660299a06a1b0e12e4fad396469378570d

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
server: cloudflare
etag: W/"4ed-5be9ba60ba181"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oIZGyBbkNZR2qc481MpBiBySRdxaVU4LdmlYGBmfBwyqsPAaeOcUX2HuKDrWF7ajMQmxG59%2FhLKWbC82CxqWYJ8AEuzejHQGzTwnGe93c9mHZ4%2FLWrQCU%2BxyfegPhEjODHs%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63726499a8f14abc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091b5d340600004abc8c051000000001

GET
H2 200 client.js Show response
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 3 MB
642 KB 230ms
229ms Script
application/javascript 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/client.js
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2584708f50c2998033c098ba8a13cba0532f6cf1e2d2ec240fadf77dc2ec72a8

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
server: cloudflare
etag: W/"2d7156-5be9ba60b91e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uIOD7TZOchEix665wYcs5bsYVOVRb2VrqC8iEyF5qv4xaY1isFebl93YRQahj9jQDQzZQIip%2FdbNoLGQ6eoMHmH01e3WQ%2FhhrdvbFzC0atV5wFUwwafXLUe3a3xft3sGFNQ%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 63726499a8f24abc-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091b5d340600004abcdaace000000001

GET
H2 404 all.js
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 0
0 1122ms
1121ms Script
text/html 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/all.js
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:39 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 091b5d340600004abcd5bd3000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OcaFCLYC6VATIVCivUsXz%2Bg2%2BoxRozKgDjJGTDEGP0WXUCwrQd0CgYRFPKvi7lMmJoNSckQ%2BmMrApHdxCX8f2U3l8O0NOMX008fm%2B6BO%2BEQ4le7ekn7xF2ri86WEd2LqsPs%3D"}]}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 63726499a8f44abc-FRA
link: <https://www.als-trading.co.uk/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2665211418355e44e2242af34ba05ddb2a5afdc31f8d9b51ec30ff4e230dd4ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 326c5ad41f4fee17fbdffb7295f413ee.jpg
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 439 KB
440 KB 76ms
76ms Image
image/jpeg 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/326c5ad41f4fee17fbdffb7295f413ee.jpg
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/vub.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b6f2260eb186615573feee9a18482a1a8a48bea4d16998fb872a2f90eabe2d7

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/vub.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 449840
cf-request-id: 091b5d350300004abc81364000000001
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
server: cloudflare
etag: W/"6dd30-5be9ba60b8241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GJ1DhnoFvg6vEtsUb3ziq4gKLzfpMyvUiL0PmUx3ZkaxPRd5iohM97hbNeLTeJ%2BH9Al4oBCfOaZwtAHo1Z9wrxKMRTSLFhANwKq7qXx4VMfQ8rGU2U6ZuoLd7ipirXwIezA%3D"}]}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6372649b3be64abc-FRA

GET
DATA 200
OK truncated
/ 659 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6e8db1b49f0d9e040e95568691920b99040039d2cfa64d949f7e5bf82bb55fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cc799d3f27c5ccb431502b70c5ced338d84402f3af7f3b6daf9d7277117311c9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b781f5e0307b3db8ae5115db02a66dc72baf60f78e7598bfa3c74e30e50f69bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 f5278935e5d452dabe1f3ea40ddb94f9.woff2
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 46 KB
46 KB 69ms
69ms Font
font/woff2 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/f5278935e5d452dabe1f3ea40ddb94f9.woff2
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/vub.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45f65ae82107427f1dbaf04abff5f997f8c6253409bad7e0db8f4d8be4feac85

Request headers

Origin: https://www.als-trading.co.uk
Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/vub.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46616
cf-request-id: 091b5d350600004abcb230c000000001
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
server: cloudflare
etag: W/"b618-5be9ba60b8241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7TZ1fOryhl%2BEGJ2uudh2P6lvx3MgQy5I5e0fiwHWzyd3%2F6%2Bg%2BNQ8wlyW8kSKm1ErZWlCf0DxeUIfJWyK403L2BKKAEwIAeO9PyA%2FLV9sRdg4oy7QFrdlug750N50%2B8wZwR8%3D"}]}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6372649b3bf84abc-FRA

GET
H2 200 92ddf6b1d7b9c73d1e800f5b79d5bea6.woff2
www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/ 36 KB
36 KB 56ms
56ms Font
font/woff2 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/92ddf6b1d7b9c73d1e800f5b79d5bea6.woff2
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/vub.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a359520a00657c09d7a3ff7bfcd6cb0fbc131b3fa1b71910b6c174f9fc9895e

Request headers

Origin: https://www.als-trading.co.uk
Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/vub.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 28 Mar 2021 16:56:38 GMT
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36484
cf-request-id: 091b5d350600004abc8c063000000001
last-modified: Sun, 28 Mar 2021 16:56:38 GMT
server: cloudflare
etag: W/"8e84-5be9ba60b8241"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AggcyEvtN38WBa%2FwyfydwB2CW5%2BTa6ReGTyIhPBy3nfatrLD9rviGBlhuErN0oHMtFdZ2Ru%2BrNHHCwvl1MirnrDuBTlIq1SdtxpLnH4SqWBER84bW67QAHe7lG6ZmX7alhg%3D"}]}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6372649b3bfb4abc-FRA

POST
H2 204 result Show response
www.als-trading.co.uk/cdn-cgi/bm/cv/ 0
527 B 11ms
10ms XHR
text/plain 2606:4700:3032::ac43:96cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.als-trading.co.uk/cdn-cgi/bm/cv/result?req_id=63726499582d4abc
Requested by: Host: www.als-trading.co.uk
URL: https://www.als-trading.co.uk/cdn-cgi/bm/cv/669835187/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:96cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.als-trading.co.uk/vub2/d360a502598a4b64b936683b44a5523a/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 28 Mar 2021 16:56:39 GMT
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1X%2FDcixt1JaDNt9JYwV6Q1aLM11FQRhgDjE1H5FRCXaWRy70%2BZRDbQm65hYjpQwklF0l%2BnCEfQyg%2F1uoPrHJeUMLqjtZ20PgzSguGbuNWuALGGrrqLd0qE7jsgr85lQLNPY%3D"}]}
cf-ray: 637264a149164abc-FRA
cf-request-id: 091b5d38cf00004abcdbb14000000001

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Vub Banka (Banking)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.als-trading.co.uk/	1970-01-19 17:09:12	Name: __cf_bm Value: 2939814dc6f81fe82195ef10b2d91dd5e284e15f-1616950599-1800-AfzE6DpJNebU2yVrLamyJG1zkMSoCea3BytyFc9BZtHagfb2OqH110vYzOsfvOtp/9U5bWOwE/1QLktHl/IjVp1oYatq6RJ/jEYuj3XIcZsnJ+WfENkuBHMI5XZfxkpqmkAeYth6jwoTvgGfU2aaQTg=
www.als-trading.co.uk/	1970-01-19 17:12:03	Name: wp_woocommerce_session_7798a00d3808f64226faf5d789e0d5d5 Value: 12919a499bd898f451ff0dd9472b03a6%7C%7C1617123399%7C%7C1617119799%7C%7C69e32fcbc178f47a2b688dfbd8802ae1
www.als-trading.co.uk/	1969-12-31 23:59:59	Name: PHPSESSID Value: d16fc227676b84b190c4bcc6550866b2
www.als-trading.co.uk/	1970-01-19 17:12:03	Name: yith_ywraq_session_7798a00d3808f64226faf5d789e0d5d5 Value: e20fd46b7a531cc9d0a4975ae07166ae%7C%7C1617123399%7C%7C1617119799%7C%7C2fbc78649dd1a490baeccf8d75817345
.als-trading.co.uk/	1970-01-19 17:52:22	Name: __cfduid Value: df40baa8b7d20f280f9135579cfee11371616950598

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

seal.entrust.net
smarttservis.sk
www.als-trading.co.uk
2606:4700:3032::ac43:96cb
2606:4700:3036::ac43:b073
72.140.233.34
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1a359520a00657c09d7a3ff7bfcd6cb0fbc131b3fa1b71910b6c174f9fc9895e
1dde1243d06d43b7ae132d3f26f82a0e0e884b8d0a03a6d802b9f329f95e036b
2584708f50c2998033c098ba8a13cba0532f6cf1e2d2ec240fadf77dc2ec72a8
2665211418355e44e2242af34ba05ddb2a5afdc31f8d9b51ec30ff4e230dd4ba
45f65ae82107427f1dbaf04abff5f997f8c6253409bad7e0db8f4d8be4feac85
5a20b793e252cc4fb33ba98d00ff025cccf80d183088652c2f84e6ad6136be48
9b6f2260eb186615573feee9a18482a1a8a48bea4d16998fb872a2f90eabe2d7
9e97deccbeaa32661bfa1faa8c619d01b4d3335c99018866f0957cd7521f42a3
a6e8db1b49f0d9e040e95568691920b99040039d2cfa64d949f7e5bf82bb55fc
abe216d9c57b8b1e3780182e8a6e015e8a9a68c5a1888879c64a970c17365864
b781f5e0307b3db8ae5115db02a66dc72baf60f78e7598bfa3c74e30e50f69bd
c23a901b12a9e17069c218a824d981660299a06a1b0e12e4fad396469378570d
cc799d3f27c5ccb431502b70c5ced338d84402f3af7f3b6daf9d7277117311c9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fca5fdfaf4f568a725beb9ba3cc8f6392a1368c0e1a69ff8719a91f293f309cf

www.als-trading.co.uk Open in urlscan Pro 2606:4700:3032::ac43:96cb Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

13 Requests

100 %HTTPS

67 %IPv6

3 Domains

3 Subdomains

3 IPs

2 Countries

1427 kBTransfer

4709 kBSize

5 Cookies

7 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

5 Cookies

Indicators

www.als-trading.co.uk Open in urlscan Pro
2606:4700:3032::ac43:96cb Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

67 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

1427 kB
Transfer

4709 kB
Size

5
Cookies

13 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!