sudanupdates.com
84.54.50.156
Malicious Activity!
Public Scan
Submission: On February 26 via manual from ES — Scanned from ES
Summary
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.
This is the only time sudanupdates.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)

Domain & IP information

| Requests | IP Address | AS (Autonomous System) |
|---|---|---|
| 28 | 84.54.50.156 | 211252 (AS_DELIS) |
| 2 | 195.234.141.135 | 16182 (SANTANDER_BANK_POLSKA_S_A) |
| 1 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
| 1 | 188.114.96.12 | 13335 (CLOUDFLARENET) |

Total: 32 requests to 4 IP addresses.
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 28 | sudanupdates.com | sudanupdates.com | 213 KB |
| 2 | centrum24.pl | www.centrum24.pl (Cisco Umbrella Rank: 468211) | |
| 1 | cdnmetric.com | api.cdnmetric.com (Cisco Umbrella Rank: 410786) | 771 B |
| 1 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 195) | 3 KB |

Total: 32 requests to 4 apex domains.
| Requests | Domain | Requested by |
|---|---|---|
| 28 | sudanupdates.com | sudanupdates.com |
| 2 | www.centrum24.pl | sudanupdates.com |
| 1 | api.cdnmetric.com | sudanupdates.com |
| 1 | cdnjs.cloudflare.com | sudanupdates.com |

Total: 32 requests to 4 domains.
This site contains links to these domains. Also see Links.
| Domain |
|---|
| santander.pl |
| pl-pl.facebook.com |
| www.youtube.com |
| www.centrum24.pl |
| ibiznes24.pl |
| www.inwestoronline.pl |
| www.santander.pl |
| Subject | Issuer | Validity | Valid | Source |
|---|---|---|---|---|
| sudanupdates.com | R3 | 2023-02-24 - 2023-05-25 | 3 months | crt.sh |
| centrum24.pl | Certum Extended Validation CA SHA2 | 2022-08-02 - 2023-08-02 | a year | crt.sh |
| sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year | crt.sh |
This page contains 1 frame:
Primary Page:
https://sudanupdates.com/
Frame ID: EEA331D24D55E14A3CF9936DB9F685AB
Requests: 32 HTTP requests in this frame
Page Title: Logowanie do Santander internet (Polish: "Login to Santander internet")

Detected technologies

- Bootstrap (Web Frameworks). Detected pattern:
  - `bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js`
- Modernizr (JavaScript Libraries). Detected pattern:
  - `([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js`
- jQuery (JavaScript Libraries). Detected pattern:
  - `jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?`
Page Statistics
11 Outgoing links

These are links going to different origins than the main page.

- Formularz kontaktowy ("Contact form")
- (link without a title)
- (link without a title)
- Znajdź oddziały i bankomaty ("Find branches and ATMs")
- Santander internet
- iBiznes24
- Inwestor online
- Więcej ("More")
- więcej >> ("more >>")
- Tutaj ("Here")
- santander.pl/PAD
32 HTTP transactions

| Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
|---|---|---|---|---|---|---|---|
| GET | H2 | / (Primary Request) | sudanupdates.com/ | 17 KB | 7 KB | Document | text/html |
| GET | H2 | advisor-ver-00F1FDCE7C3643575F84616ACC69E281.css | sudanupdates.com/css/ | 8 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | modernizr-ver-8E29EEF1E1AC823AC486E76ABF208ED3.js | sudanupdates.com/js/ | 6 KB | 3 KB | Script | application/javascript |
| GET | H2 | jquery-ver-8FB8FEE4FCC3CC86FF6C724154C49C42.js | sudanupdates.com/js/ | 88 KB | 35 KB | Script | application/javascript |
| GET | H2 | wicket-ajax-ver-04D5389C5F00ED98AD39E57EBB5AA818.js | sudanupdates.com/js/ | 42 KB | 13 KB | Script | application/javascript |
| GET | H2 | wicket-modal-ver-3D15441E834292F7C1EAD631905AABD8.js | sudanupdates.com/js/ | 21 KB | 6 KB | Script | application/javascript |
| GET | H2 | wicket-modal-ver-E99D4201F0F6C5D3081AD42ACB1F22C2.css | sudanupdates.com/css/ | 4 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | simpleModal-ver-D5FD89F8514298A81ACB30EBEDB2C0A2.css | sudanupdates.com/css/ | 2 KB | 847 B | Stylesheet | text/css |
| GET | H2 | simpleModal-ver-06139C7C7E9A9B8D9A30CFFE1BAA71FE.js | sudanupdates.com/js/ | 351 B | 565 B | Script | application/javascript |
| GET | H2 | tooltip-ver-52633DCAFF113B347C90073DB91A482E.css | sudanupdates.com/css/ | 2 KB | 1018 B | Stylesheet | text/css |
| GET | H2 | bootstrap-transition-ver-0A47AAFF7AFCA3B3485A6A845782947F.js | sudanupdates.com/js/ | 2 KB | 991 B | Script | application/javascript |
| GET | H2 | bootstrap-modal-ver-D73745175D40F05B339406F168BFD100.js | sudanupdates.com/js/ | 10 KB | 3 KB | Script | application/javascript |
| GET | H2 | bootstrap-tooltip-ver-6AE9DC400F463921E1DED65DB0556DFC.js | sudanupdates.com/js/ | 21 KB | 7 KB | Script | application/javascript |
| GET | H2 | bootstrap-popover-ver-3782DF41A2EBE1257EDED4E19F39CA02.js | sudanupdates.com/js/ | 3 KB | 1 KB | Script | application/javascript |
| GET | H2 | gain-access-ver-6AC4D55C4DB9F67BE6F207D39F9E8093.css | sudanupdates.com/css/ | 990 B | 1 KB | Stylesheet | text/css |
| GET | H2 | modal-window-ver-AEEF53CDE0FC9D41683717E687A34650.css | sudanupdates.com/css/ | 4 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | button-ver-CFFBA29161EABF7EB60C4DC1411DE0D2.css | sudanupdates.com/css/ | 3 KB | 1 KB | Stylesheet | text/css |
| GET | H2 | topbar.css | sudanupdates.com/css/ | 7 KB | 2 KB | Stylesheet | text/css |
| GET | H2 | logowanie-ver-5C29E657F8A1646E1ED6796B6D9707B9.css | sudanupdates.com/css/ | 29 KB | 9 KB | Stylesheet | text/css |
| GET | H2 | santander-font.css | sudanupdates.com/css/ | 6 KB | 983 B | Stylesheet | text/css |
| GET | H2 | opensans-font.css | sudanupdates.com/css/ | 3 KB | 617 B | Stylesheet | text/css |
| GET | H2 | santander-red.svg | sudanupdates.com/fonts/ | 5 KB | 5 KB | Image | image/svg+xml |
| GET | H/1.1 | mediaImage | www.centrum24.pl/centrum24-web/common/ | 0 | 0 | Image | text/html |
| GET | H2 | tooltip-icon.svg | sudanupdates.com/fonts/ | 812 B | 968 B | Image | image/svg+xml |
| GET | H2 | log_question_big.png | sudanupdates.com/images/ | 1 KB | 2 KB | Image | image/png |
| GET | H2 | log_excl_gray.png | sudanupdates.com/images/ | 1 KB | 1 KB | Image | image/png |
| GET | H/1.1 | mediaImage | www.centrum24.pl/centrum24-web/common/ | 0 | 0 | Image | text/html |
| GET | H2 | processing.gif | cdnjs.cloudflare.com/ajax/libs/file-uploader/3.7.0/ | 3 KB | 3 KB | Image | image/gif |
| GET | H2 | SantanderMicroTextW05-Rg.woff2 | sudanupdates.com/fonts/ | 35 KB | 35 KB | Font | font/woff2 |
| GET | H2 | SantanderMicroTextW05-Bold.woff2 | sudanupdates.com/fonts/ | 35 KB | 35 KB | Font | font/woff2 |
| GET | H2 | SantanderMicroTextW05-SmBd.woff2 | sudanupdates.com/fonts/ | 36 KB | 36 KB | Font | font/woff2 |
| GET | H2 | static.js | api.cdnmetric.com/get/ | 198 B | 771 B | Script | text/html |
Verdicts & Comments

Potentially malicious activity detected

Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Santander (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

| Name | Type |
|---|---|
| credentialless | boolean |
| Modernizr | object |
| $ | function |
| jQuery | function |
| Wicket | object |
| bindCloseActionToModalOverlay | function |
| hideCloseModalButton | function |
| centrum24 | object |
| loadData | function |
| r | string |
| t1 | string |

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| sudanupdates.com/ | | Name: PHPREFS, Value: full |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Security Headers
This page lists any security headers set by the main page.

| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.