santanderno.wpenginepowered.com
141.193.213.10  Malicious Activity! Public Scan

Submitted URL: http://www.abacigualtatdegenere.com/css/
Effective URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Submission: On October 19 via manual from ES — Scanned from ES

Summary

This website contacted 4 IPs in 4 countries across 5 domains to perform 22 HTTP transactions. The main IP is 141.193.213.10, located in the United States, and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is santanderno.wpenginepowered.com.
TLS certificate: Issued by E5 on September 18th 2024. Valid for: 3 months.
This is the only time santanderno.wpenginepowered.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: BankID (Banking) Santander (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 2a12:d280:100... 56958 (RAIOLANET...)
17 141.193.213.10 209242 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.131 15169 (GOOGLE)
22 4
Domain Requested by
17 santanderno.wpenginepowered.com santanderno.wpenginepowered.com
2 fonts.googleapis.com santanderno.wpenginepowered.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.abacigualtatdegenere.com 1 redirects
0 www.tecnicaturaat.ar Failed
22 5

This site contains no links.

Subject Issuer Validity Valid
wpenginepowered.com E5 2024-09-18 - 2024-12-17 3 months
upload.video.google.com WR2 2024-09-30 - 2024-12-23 3 months
*.gstatic.com WR2 2024-09-30 - 2024-12-23 3 months

This page contains 1 frames:

Primary Page: https://santanderno.wpenginepowered.com/Santander/no/login.html
Frame ID: 5EEB08CDDC9A9F9208EF00FA6ADD4F8C
Requests: 22 HTTP requests in this frame

Page Title

Nettbank for kredittkort, lån og leasing – Santander Consumer Bank

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22 Requests
91 % HTTPS
50 % IPv6
5 Domains
5 Subdomains
4 IPs
4 Countries
131 kB Transfer
552 kB Size
0 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.abacigualtatdegenere.com/css/ HTTP 307
    https://www.abacigualtatdegenere.com/css/ HTTP 302
    https://santanderno.wpenginepowered.com/Santander/no/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://tecnicaturaat.ar/web/dis/santa/no/image/favicon.png HTTP 301
  • https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
Request Chain 20
  • https://tecnicaturaat.ar/web/dis/santa/no/image/favicon.png HTTP 301
  • https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png

22 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request login.html
santanderno.wpenginepowered.com/Santander/no/
Redirect Chain
  • http://www.abacigualtatdegenere.com/css/
  • https://www.abacigualtatdegenere.com/css/
  • https://santanderno.wpenginepowered.com/Santander/no/login.html
7 KB
2 KB
Document
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96886a2a69914f156e4361316999ab49be356b1637f91ff839719669022c20f5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d50614b0c7a3153-MAD
content-encoding
br
content-type
text/html
date
Sat, 19 Oct 2024 11:20:39 GMT
last-modified
Mon, 14 Oct 2024 04:24:54 GMT
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 13
x-cache-group
normal
x-cacheable
SHORT
x-orig-cache-control
max-age=600, must-revalidate

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 19 Oct 2024 11:20:38 GMT
location
https://santanderno.wpenginepowered.com/Santander/no/login.html
x-powered-by
PHP/7.4.33
bootstrap-icons.css
santanderno.wpenginepowered.com/Santander/no/login_files/
64 KB
9 KB
Stylesheet
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/bootstrap-icons.css
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-100a0"
age
2799
cf-ray
8d50614e68c03153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
font-awesome.min.css
santanderno.wpenginepowered.com/Santander/no/login_files/
30 KB
7 KB
Stylesheet
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/font-awesome.min.css
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-7918"
age
2799
cf-ray
8d50614e68c33153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
bootstrap.css
santanderno.wpenginepowered.com/Santander/no/login_files/
188 KB
26 KB
Stylesheet
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/bootstrap.css
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-2f1f7"
age
2799
cf-ray
8d50614e68c53153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
styles.css
santanderno.wpenginepowered.com/Santander/no/login_files/
9 KB
2 KB
Stylesheet
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/styles.css
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0c9274569809c29df135c41b06af782f7be5c0e6ad29d5ab5052bfd528a692

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-24cb"
age
2799
cf-ray
8d50614e68c63153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
animate.css
santanderno.wpenginepowered.com/Santander/no/login_files/
56 KB
5 KB
Stylesheet
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/animate.css
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-df07"
age
235232
cf-ray
8d50614e68ca3153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
text/css
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
logo.svg
santanderno.wpenginepowered.com/Santander/no/login_files/
5 KB
2 KB
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/logo.svg
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ef80cd197cf83e5325a1b1f1468f4ccb277dea70b4e876a04b52fb21c32635c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-12b9"
age
2799
cf-ray
8d50614e68cb3153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
logo_xs.svg
santanderno.wpenginepowered.com/Santander/no/login_files/
564 B
556 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/logo_xs.svg
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
04a77f7f1b4ca0c59a6713c64e0b56d98dacefa853679aba1d0809304cb180c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-234"
age
235232
cf-ray
8d50614e68cc3153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
title_bankid.svg
santanderno.wpenginepowered.com/Santander/no/login_files/
2 KB
946 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/title_bankid.svg
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fbbbda646f6c6004b2f3670d40a1ad4d5df6c8a0089943845aa5fe55a749e92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-81b"
age
2799
cf-ray
8d50614e88ff3153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
menu.png
santanderno.wpenginepowered.com/Santander/no/login_files/
390 B
611 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/menu.png
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d167438e39071e988619af1e933c6f8232750ac9ff8f89f0b66f608107213eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cf-bgj
imgq:100,h2pri
etag
"670c9d18-373"
age
2799
cf-cache-status
HIT
cf-polished
origSize=883, status=webp_bigger
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/png
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-ray
8d50614e89033153-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
390
server
cloudflare
bar.png
santanderno.wpenginepowered.com/Santander/no/login_files/
144 B
385 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/bar.png
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
32977e26054b4dd6e82f4728c9580aeed6e09efcdb659acb479e92d71ae6a62c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cf-bgj
imgq:100,h2pri
etag
"670c9d18-152"
age
2799
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=338
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/webp
content-disposition
inline; filename="bar.webp"
vary
Accept
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
cache-control
public, max-age=31536000
cf-ray
8d50614e89073153-MAD
accept-ranges
bytes
access-control-allow-origin
*
content-length
144
server
cloudflare
help.svg
santanderno.wpenginepowered.com/Santander/no/login_files/
760 B
677 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/help.svg
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f766030e9de9c68acdacfc671963f8cd00ba8783fc9c25e1d3f3319ebbecbd1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-2f8"
age
2799
cf-ray
8d50614e890e3153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
user.svg
santanderno.wpenginepowered.com/Santander/no/login_files/
207 B
354 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/user.svg
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d9f62c29cb35ce1ab07d9e61e05c31d7533bc43e756d6b849de1eddec2b8ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-cf"
age
2799
cf-ray
8d50614e89113153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
arrow.svg
santanderno.wpenginepowered.com/Santander/no/login_files/
172 B
333 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/arrow.svg
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dca530d4682ddf6f4b9053173c007f95875c2634a6b61c9573d93fc21483766

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-ac"
age
2799
cf-ray
8d50614e89123153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
protege.svg
santanderno.wpenginepowered.com/Santander/no/login_files/
296 B
426 B
Image
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/protege.svg
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
296d8f67dcf848a35385d138a46404f00c21f1a8eb22249473ddd9aab1f411ab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-128"
age
2799
cf-ray
8d50614e89153153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
image/svg+xml
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
jquery-3.5.1.min.js
santanderno.wpenginepowered.com/Santander/no/login_files/
87 KB
31 KB
Script
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/jquery-3.5.1.min.js
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-15d84"
age
235232
cf-ray
8d50614e890b3153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
jquery.mask.js
santanderno.wpenginepowered.com/Santander/no/login_files/
23 KB
6 KB
Script
General
Full URL
https://santanderno.wpenginepowered.com/Santander/no/login_files/jquery.mask.js
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/Santander/no/login.html

Response headers

cache-control
public, max-age=31536000
content-encoding
br
cf-cache-status
HIT
etag
W/"670c9d18-5a88"
age
235232
cf-ray
8d50614e890d3153-MAD
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
application/javascript
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
server
cloudflare
last-modified
Mon, 14 Oct 2024 04:24:56 GMT
css2
fonts.googleapis.com/
28 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login_files/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 19 Oct 2024 11:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 19 Oct 2024 11:11:58 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css2
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Requested by
Host: santanderno.wpenginepowered.com
URL: https://santanderno.wpenginepowered.com/Santander/no/login_files/styles.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
be3fe55543f758d8432ed5dfa6afbe9b79b226231c1a6ff6dcaefac0b2917bfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://santanderno.wpenginepowered.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 19 Oct 2024 11:20:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 19 Oct 2024 11:20:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Sat, 19 Oct 2024 09:52:07 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f3.1e100.net
Software
sffe /
Resource Hash
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://santanderno.wpenginepowered.com
Referer
https://fonts.googleapis.com/

Response headers

age
317551
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 15 Oct 2025 19:08:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 15 Oct 2024 19:08:08 GMT
last-modified
Wed, 27 Apr 2022 16:31:23 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
34852
x-xss-protection
0
server
sffe
favicon.png
www.tecnicaturaat.ar/web/dis/santa/no/image/
Redirect Chain
  • https://tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
  • https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
0
0

favicon.png
www.tecnicaturaat.ar/web/dis/santa/no/image/
Redirect Chain
  • https://tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
  • https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.tecnicaturaat.ar
URL
https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
Domain
www.tecnicaturaat.ar
URL
https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: BankID (Banking) Santander (Banking)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function $
function jQuery

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
