santanderno.wpenginepowered.com
Open in
urlscan Pro
141.193.213.10
Malicious Activity!
Public Scan
Effective URL: https://santanderno.wpenginepowered.com/Santander/no/login.html
Submission: On October 19 via manual from ES — Scanned from ES
Summary
TLS certificate: Issued by E5 on September 18th 2024. Valid for: 3 months.
This is the only time santanderno.wpenginepowered.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BankID (Banking) Santander (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2a12:d280:100... 2a12:d280:100:63:: | 56958 (RAIOLANET...) (RAIOLANETWORKS Raiola Networks S.L.) | |
17 | 141.193.213.10 141.193.213.10 | 209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare) | |
2 | 2a00:1450:400... 2a00:1450:4001:811::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 142.250.186.131 142.250.186.131 | 15169 (GOOGLE) (GOOGLE) | |
22 | 4 |
ASN56958 (RAIOLANETWORKS Raiola Networks S.L., ES)
www.abacigualtatdegenere.com |
ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
santanderno.wpenginepowered.com |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
wpenginepowered.com
santanderno.wpenginepowered.com |
94 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30 |
3 KB |
1 |
gstatic.com
fonts.gstatic.com |
34 KB |
1 |
abacigualtatdegenere.com
1 redirects
www.abacigualtatdegenere.com |
312 B |
0 |
tecnicaturaat.ar
Failed
www.tecnicaturaat.ar Failed |
|
22 | 5 |
Domain | Requested by | |
---|---|---|
17 | santanderno.wpenginepowered.com |
santanderno.wpenginepowered.com
|
2 | fonts.googleapis.com |
santanderno.wpenginepowered.com
|
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | www.abacigualtatdegenere.com | 1 redirects |
0 | www.tecnicaturaat.ar Failed | |
22 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
wpenginepowered.com E5 |
2024-09-18 - 2024-12-17 |
3 months | crt.sh |
upload.video.google.com WR2 |
2024-09-30 - 2024-12-23 |
3 months | crt.sh |
*.gstatic.com WR2 |
2024-09-30 - 2024-12-23 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://santanderno.wpenginepowered.com/Santander/no/login.html
Frame ID: 5EEB08CDDC9A9F9208EF00FA6ADD4F8C
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
Nettbank for kredittkort, lån og leasing – Santander Consumer BankPage URL History Show full URLs
-
http://www.abacigualtatdegenere.com/css/
HTTP 307
https://www.abacigualtatdegenere.com/css/ HTTP 302
https://santanderno.wpenginepowered.com/Santander/no/login.html Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
animate.css (Web Frameworks) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.abacigualtatdegenere.com/css/
HTTP 307
https://www.abacigualtatdegenere.com/css/ HTTP 302
https://santanderno.wpenginepowered.com/Santander/no/login.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 19- https://tecnicaturaat.ar/web/dis/santa/no/image/favicon.png HTTP 301
- https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
- https://tecnicaturaat.ar/web/dis/santa/no/image/favicon.png HTTP 301
- https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
login.html
santanderno.wpenginepowered.com/Santander/no/ Redirect Chain
|
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap-icons.css
santanderno.wpenginepowered.com/Santander/no/login_files/ |
64 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
santanderno.wpenginepowered.com/Santander/no/login_files/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.css
santanderno.wpenginepowered.com/Santander/no/login_files/ |
188 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles.css
santanderno.wpenginepowered.com/Santander/no/login_files/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
animate.css
santanderno.wpenginepowered.com/Santander/no/login_files/ |
56 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.svg
santanderno.wpenginepowered.com/Santander/no/login_files/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_xs.svg
santanderno.wpenginepowered.com/Santander/no/login_files/ |
564 B 556 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
title_bankid.svg
santanderno.wpenginepowered.com/Santander/no/login_files/ |
2 KB 946 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
menu.png
santanderno.wpenginepowered.com/Santander/no/login_files/ |
390 B 611 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bar.png
santanderno.wpenginepowered.com/Santander/no/login_files/ |
144 B 385 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
help.svg
santanderno.wpenginepowered.com/Santander/no/login_files/ |
760 B 677 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
user.svg
santanderno.wpenginepowered.com/Santander/no/login_files/ |
207 B 354 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
arrow.svg
santanderno.wpenginepowered.com/Santander/no/login_files/ |
172 B 333 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
protege.svg
santanderno.wpenginepowered.com/Santander/no/login_files/ |
296 B 426 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.5.1.min.js
santanderno.wpenginepowered.com/Santander/no/login_files/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery.mask.js
santanderno.wpenginepowered.com/Santander/no/login_files/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
28 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
16 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon.png
www.tecnicaturaat.ar/web/dis/santa/no/image/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
favicon.png
www.tecnicaturaat.ar/web/dis/santa/no/image/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.tecnicaturaat.ar
- URL
- https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
- Domain
- www.tecnicaturaat.ar
- URL
- https://www.tecnicaturaat.ar/web/dis/santa/no/image/favicon.png
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BankID (Banking) Santander (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
fonts.googleapis.com
fonts.gstatic.com
santanderno.wpenginepowered.com
www.abacigualtatdegenere.com
www.tecnicaturaat.ar
www.tecnicaturaat.ar
141.193.213.10
142.250.186.131
2a00:1450:4001:811::200a
2a12:d280:100:63::
04a77f7f1b4ca0c59a6713c64e0b56d98dacefa853679aba1d0809304cb180c4
0c159070e198b7ed2a9162d6c9751f5914ff62803914d8512d60b1f5ffde4334
296d8f67dcf848a35385d138a46404f00c21f1a8eb22249473ddd9aab1f411ab
29d4588a29dc099cd87a7eb2f0c5b40e595bce81406e2622bd46411510e2a62f
2fbbbda646f6c6004b2f3670d40a1ad4d5df6c8a0089943845aa5fe55a749e92
32977e26054b4dd6e82f4728c9580aeed6e09efcdb659acb479e92d71ae6a62c
3c325075337b768950583012228055ae392e384688d77ec5235e6ca88dcec6ef
4dca530d4682ddf6f4b9053173c007f95875c2634a6b61c9573d93fc21483766
59a1460df6cb458204ec993345ff4964fa7e1a77da4ab7137e50fce8434c1d6a
5d167438e39071e988619af1e933c6f8232750ac9ff8f89f0b66f608107213eb
74d9f62c29cb35ce1ab07d9e61e05c31d7533bc43e756d6b849de1eddec2b8ce
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ef80cd197cf83e5325a1b1f1468f4ccb277dea70b4e876a04b52fb21c32635c
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
7f766030e9de9c68acdacfc671963f8cd00ba8783fc9c25e1d3f3319ebbecbd1
96886a2a69914f156e4361316999ab49be356b1637f91ff839719669022c20f5
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
be3fe55543f758d8432ed5dfa6afbe9b79b226231c1a6ff6dcaefac0b2917bfb
ea0c9274569809c29df135c41b06af782f7be5c0e6ad29d5ab5052bfd528a692
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d