aplicacion-alerta.com
Open in
urlscan Pro
45.10.244.52
Malicious Activity!
Public Scan
Submission: On October 05 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by aplicacion-alerta.com on October 5th 2022. Valid for: a year.
This is the only time aplicacion-alerta.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 45.10.244.52 45.10.244.52 | 29470 (RETNNET-AS) (RETNNET-AS) | |
1 1 | 45.60.195.69 45.60.195.69 | 19551 (INCAPSULA) (INCAPSULA) | |
1 | 45.60.197.69 45.60.197.69 | 19551 (INCAPSULA) (INCAPSULA) | |
11 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
aplicacion-alerta.com
aplicacion-alerta.com |
1 MB |
1 |
bancosantander.es
particulares.bancosantander.es |
|
1 |
gruposantander.es
1 redirects
particulares.gruposantander.es — Cisco Umbrella Rank: 364645 |
1 KB |
11 | 3 |
Domain | Requested by | |
---|---|---|
10 | aplicacion-alerta.com |
aplicacion-alerta.com
|
1 | particulares.bancosantander.es |
aplicacion-alerta.com
|
1 | particulares.gruposantander.es | 1 redirects |
11 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bancosantander.es |
onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
aplicacion-alerta.com aplicacion-alerta.com |
2022-10-05 - 2023-10-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://aplicacion-alerta.com/
Frame ID: 69BE154D232D5F114DD628670B2CD2F8
Requests: 11 HTTP requests in this frame
2 Outgoing links
These are links going to different origins than the main page.
Title: Más información
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://particulares.gruposantander.es/SUPFPA_ENS/s.cpbto?operation=logoff&responseType=json HTTP 302
- https://particulares.bancosantander.es/login/?operation=logoff&responseType=json
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
aplicacion-alerta.com/ |
161 KB 162 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.78e20816bfaff7eeb85d.css
aplicacion-alerta.com/files/ |
115 KB 115 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
particulares.bancosantander.es/login/ Redirect Chain
|
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
5.a0eacf5e15d27278eab4.js
aplicacion-alerta.com/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
aplicacion-alerta.com/files/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cc2m_night2.jpeg
aplicacion-alerta.com/files/ |
643 KB 643 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SantanderTextW05-Regular.e06575482dfb4f5ce0cb.woff2
aplicacion-alerta.com/files/ |
34 KB 34 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ico3.91e24b3fe5365cff1848.woff2
aplicacion-alerta.com/files/ |
68 KB 68 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SantanderTextW05-Bold.e0d7033809f586a71b1c.woff2
aplicacion-alerta.com/files/ |
35 KB 36 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SantanderHeadlineW05-Rg.9f3fc5d2724d101218a0.woff2
aplicacion-alerta.com/files/ |
33 KB 33 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
san-icon.10405e3d0e04a65cd84d.woff2
aplicacion-alerta.com/files/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation boolean| isjQuery function| $ function| jQuery7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
aplicacion-alerta.com/ | Name: PHPSESSID Value: 7bea60153f7118cbdae7da5c1a92141f |
|
.gruposantander.es/ | Name: visid_incap_2833379 Value: o+7Hm9fzSQeV3xZv/rcRmRG0PWMAAAAAQUIPAAAAAACAN2kYd9eYfUHtGYMIMfmZ |
|
.gruposantander.es/ | Name: nlbi_2833379 Value: Lc+4Qqz96GBwIX/9wwp7kgAAAAAaZ5cnbiLyC/MfHdsgiPEs |
|
.gruposantander.es/ | Name: incap_ses_1607_2833379 Value: yo47f8juQF2fhBUsKzZNFhG0PWMAAAAABbUWzQ2wYP7YQG2zWyyHrw== |
|
.bancosantander.es/ | Name: visid_incap_2832658 Value: VnyemheAQvmMweFthQFa6hG0PWMAAAAAQUIPAAAAAACJ4r/5TdISRW6H/u6V5YtH |
|
.bancosantander.es/ | Name: nlbi_2832658 Value: kfHNb0AMSRRCgyuI0irIYwAAAADUe/cH34PUjo3dIDOWULLw |
|
.bancosantander.es/ | Name: incap_ses_1174_2832658 Value: fOTLfOe27U4uz6D4geNKEBG0PWMAAAAA3Si1JyH9qj1LxZIeu3vKQg== |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aplicacion-alerta.com
particulares.bancosantander.es
particulares.gruposantander.es
45.10.244.52
45.60.195.69
45.60.197.69
3ed4606acf5b41ffe0d3fbc4eb9f84ad79d9c8b7a6e0007896667fd6359f541c
55765448de2f55c24b0d4cb499e2e142adb0a6496d086052d1a4eb7e7b91309c
634513396e691b04b71ad7aa7138ff028bc9211fdea6fc98eede7f4f2dab2071
63c8882207a7f3e1ee6e8bc517102398d5441cba428fabbd2cdb578e63551862
8dc23ac1fc1a2d9fe17d4f8d70514a302c1d686b0c06ef9b4c3ec34ca593c1d3
b8c9e126d6239234ecac3acea24620d0c8ee71ba72509e58cc72aadb4aa73a54
c9f7e218b19e6c3c3db1e54d5a876309f95ce695c3cc8bc5d0b16513fc88baae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69dcb36c97e11b9ce1b1a39cc9070e44185eeb4611fd39706943ef1ea53d287
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e