partneroffice.cl Open in urlscan Pro
2606:4700:3036::ac43:b81f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://partneroffice.cl/abtel/gbn/
Submission: On September 24 via manual (September 24th 2024, 4:51:33 pm UTC) from DE — Scanned from DE

Summary HTTP 8 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 8 HTTP transactions. The main IP is 2606:4700:3036::ac43:b81f, located in United States and belongs to CLOUDFLARENET, US. The main domain is partneroffice.cl.
TLS certificate: Issued by WE1 on August 10th 2024. Valid for: 3 months.

This is the only time partneroffice.cl was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: National Bank of Greece (Banking)

Domain & IP information

	IP Address		AS Autonomous System
7	2606:4700:303... 2606:4700:3036::ac43:b81f		13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2

7 2606:4700:3036::ac43:b81f (United States)

ASN13335 (CLOUDFLARENET, US)

partneroffice.cl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	partneroffice.cl partneroffice.cl	51 KB
8	1

	Domain	Requested by
7	partneroffice.cl	partneroffice.cl
8	1

This site contains no links.

Subject Issuer	Validity	Valid
partneroffice.cl WE1	`2024-08-10` - `2024-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://partneroffice.cl/abtel/gbn/
Frame ID: 37A48BAF012BF0F771261627DF26A956
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ΝВG і‐bаnk

Page Statistics

8
Requests

88 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

51 kB
Transfer

271 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response partneroffice.cl/abtel/gbn/	2 KB 1 KB	267ms 233ms	Document text/html	2606:4700:3036::ac43:b81f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partneroffice.cl/abtel/gbn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b81f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c29badce64fd6986657367cc4ff55cf1e4dd99d57d53a793852a7c6d6f5dc41f` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 8c84478e79981e5a-FRA content-encoding br content-type text/html; charset=UTF-8 date Tue, 24 Sep 2024 16:51:29 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WmffAcoHRmBGp9A49AAHnTWWq75SB2KyScCUal5fYULtHCbW5wpuVF2auUN9wRNdH%2BV7hLjdWBJWzB6bMsuvCD%2B5zCiQ6sHe9LXQlbzIdcd20924jkCLafPXY0wS6zxSdqU9dZrGzxaxOZkJh7fF"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding,User-Agent x-turbo-charged-by LiteSpeed
GET H2	200	loading.css partneroffice.cl/abtel/gbn/assets/css/	198 KB 33 KB	25ms 25ms	Stylesheet text/css	2606:4700:3036::ac43:b81f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partneroffice.cl/abtel/gbn/assets/css/loading.css Requested by Host: partneroffice.cl URL: https://partneroffice.cl/abtel/gbn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b81f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `eee0de974dc453065f99ef24913aad33ed87c19841d8b1269786e27378fcb53b` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://partneroffice.cl/abtel/gbn/ Response headers cache-control public, max-age=2592000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status HIT age 364811 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XSmsul1uOl1hbl4aOc%2Bjj42NSineQRQmGb98ek1Z83KV9K89C60YkYTca5J3iOjnJdXZgwABbhxZNu4AHIbkmI5dZcRNZS8Q7oyqIQm33iZlm2orYfv9bqhnTgFgsio9nXoAUvB7VlaLaPqoUON0"}],"group":"cf-nel","max_age":604800} cf-ray 8c84478ffb991e5a-FRA expires Sun, 20 Oct 2024 11:31:18 GMT date Tue, 24 Sep 2024 16:51:29 GMT x-turbo-charged-by LiteSpeed content-type text/css last-modified Sun, 22 Aug 2021 13:33:48 GMT vary Accept-Encoding,User-Agent,Accept-Encoding server cloudflare
GET H2	200	logo.svg partneroffice.cl/abtel/gbn/assets/img/	14 KB 5 KB	24ms 23ms	Image image/svg+xml	2606:4700:3036::ac43:b81f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://partneroffice.cl/abtel/gbn/assets/img/logo.svg Requested by Host: partneroffice.cl URL: https://partneroffice.cl/abtel/gbn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b81f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a7291d2136d459077949df2e28734f6307acd3b245d20e8958b07dfd81f23951` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://partneroffice.cl/abtel/gbn/ Response headers cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status HIT age 364811 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=scPJXdlUHi2dc3Bzlx69gYxRztHInFWu5NDeb5OzgDy%2Bj4GcrxoqokS1QfxXpWyou3Guet39A9ztag6Vxz9QmxVRy%2BvxTrer4FOxWYzEv7wAew4zgDYpOM5kr55yA4f%2BbDOp60SnQCSjlWP9Zuap"}],"group":"cf-nel","max_age":604800} cf-ray 8c84478ffb9a1e5a-FRA expires Fri, 27 Sep 2024 11:31:18 GMT date Tue, 24 Sep 2024 16:51:29 GMT x-turbo-charged-by LiteSpeed content-type image/svg+xml last-modified Sun, 08 Aug 2021 17:37:10 GMT vary Accept-Encoding,User-Agent server cloudflare
GET H2	200	nbg-logo-full-black.svg partneroffice.cl/abtel/gbn/assets/img/	57 KB 11 KB	29ms 29ms	Image image/svg+xml	2606:4700:3036::ac43:b81f CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://partneroffice.cl/abtel/gbn/assets/img/nbg-logo-full-black.svg Requested by Host: partneroffice.cl URL: https://partneroffice.cl/abtel/gbn/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b81f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7583021663983a838e88f47a0721d751a51a302d45c69595780c083cd2e99909` Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://partneroffice.cl/abtel/gbn/ Response headers cache-control public, max-age=604800 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status HIT age 364811 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2FpgpOk8Ul4SndRYIjwHlTPTFopO9HbXJhDy4YgBRdOZYltPhJVV5RKQLExl3xVRkC63RiffT1pnR9zER9CJ3fPNA8AX1iLB%2FoYIcHQ66X3UNrYQD5SpLVH1%2BW1jsm4UDJdVIz4m6dqyX9K4Yu4H"}],"group":"cf-nel","max_age":604800} cf-ray 8c84478ffb9c1e5a-FRA expires Fri, 27 Sep 2024 11:31:18 GMT date Tue, 24 Sep 2024 16:51:29 GMT x-turbo-charged-by LiteSpeed content-type image/svg+xml last-modified Sun, 08 Aug 2021 17:37:10 GMT vary Accept-Encoding,User-Agent server cloudflare
GET H2	404	PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2 partneroffice.cl/abtel/gbn/assets/css/images/	0 0	1152ms 1151ms	Font text/html	2606:4700:3036::ac43:b81f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partneroffice.cl/abtel/gbn/assets/css/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2 Requested by Host: partneroffice.cl URL: https://partneroffice.cl/abtel/gbn/assets/css/loading.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b81f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://partneroffice.cl Referer https://partneroffice.cl/abtel/gbn/assets/css/loading.css Response headers link <https://partneroffice.cl/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control no-cache cache-control max-age=14400, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aa87ndXy9OuCEtrOQs3OxF3XutkgC5fUqOfotIHoG9M0qWQ%2Big0gIyuWhS9q2N57zSgyGSwLOHuGcFkP9%2B4jq2oCsb0KuYjadqBqGElV%2F5CRRPTwiGug5PjF00iyZg774H%2FNSpBeKqZRxfYN6weN"}],"group":"cf-nel","max_age":604800} cf-ray 8c8447903bf31e5a-FRA expires Wed, 11 Jan 1984 05:00:00 GMT date Tue, 24 Sep 2024 16:51:31 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding,User-Agent server cloudflare
GET H2	404	PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2 partneroffice.cl/abtel/gbn/assets/css/images/	0 0	1829ms 1829ms	Font text/html	2606:4700:3036::ac43:b81f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partneroffice.cl/abtel/gbn/assets/css/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2 Requested by Host: partneroffice.cl URL: https://partneroffice.cl/abtel/gbn/assets/css/loading.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b81f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://partneroffice.cl Referer https://partneroffice.cl/abtel/gbn/assets/css/loading.css Response headers link <https://partneroffice.cl/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control no-cache cache-control max-age=14400, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lozw8g4buVpB2%2Fc%2B491S618AOfhwI%2Bn1AbsdxmBlOu%2F0xnkMH0C5jnRTd00Vgu5dmrSnK8Te3DinkAm2QTy%2BaHbrsLwFNk5pHLjOYDjZxmPaOq%2FwDlTdvy08715admgiSkux5KOXHV9okluO%2BONm"}],"group":"cf-nel","max_age":604800} cf-ray 8c8447903bfb1e5a-FRA expires Wed, 11 Jan 1984 05:00:00 GMT date Tue, 24 Sep 2024 16:51:31 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding,User-Agent server cloudflare
GET H2	404	PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff partneroffice.cl/abtel/gbn/assets/css/images/	0 0	1755ms 1755ms	Font text/html	2606:4700:3036::ac43:b81f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://partneroffice.cl/abtel/gbn/assets/css/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff Requested by Host: partneroffice.cl URL: https://partneroffice.cl/abtel/gbn/assets/css/loading.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:b81f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://partneroffice.cl Referer https://partneroffice.cl/abtel/gbn/assets/css/loading.css Response headers link <https://partneroffice.cl/wp-json/>; rel="https://api.w.org/" x-litespeed-cache-control no-cache cache-control max-age=14400, must-revalidate nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XIbxvtR4jp9bk99Ri1Q9TxKScBvTdnyHGSNChIN9EzqUh2vxUBFKxpXL%2BDSX2ZSKN6OOkHNXdDyMQyP8YWFYyoGf7TaroycVlCCh7Hhq3GK%2BiBo7iGRq%2B96P7phytjqsNL4FuFAeiMXAGnSGJz7a"}],"group":"cf-nel","max_age":604800} cf-ray 8c8447976e241e5a-FRA expires Wed, 11 Jan 1984 05:00:00 GMT date Tue, 24 Sep 2024 16:51:32 GMT x-turbo-charged-by LiteSpeed content-type text/html; charset=UTF-8 vary Accept-Encoding,User-Agent server cloudflare
GET		PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff partneroffice.cl/abtel/gbn/assets/css/images/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: partneroffice.cl
URL: https://partneroffice.cl/abtel/gbn/assets/css/images/PFDinDisplayPro-Regular.21be48ba435316c8a4cd39438cd89083.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: National Bank of Greece (Banking)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partneroffice.cl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9410b9f2fb18cbf40e5a6b23e5c68311

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://partneroffice.cl/abtel/gbn/assets/css/images/PFDinDisplayPro-Light.23cdddacd0d56977093551f2faea9a13.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://partneroffice.cl/abtel/gbn/assets/css/images/PFDinDisplayPro-Regular.840952ed9468a2c7444f89b6f748e734.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://partneroffice.cl/abtel/gbn/assets/css/images/PFDinDisplayPro-Light.9a5171a196de11651813859c360f195f.woff Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

partneroffice.cl
partneroffice.cl
2606:4700:3036::ac43:b81f
7583021663983a838e88f47a0721d751a51a302d45c69595780c083cd2e99909
a7291d2136d459077949df2e28734f6307acd3b245d20e8958b07dfd81f23951
c29badce64fd6986657367cc4ff55cf1e4dd99d57d53a793852a7c6d6f5dc41f
eee0de974dc453065f99ef24913aad33ed87c19841d8b1269786e27378fcb53b

partneroffice.cl Open in urlscan Pro 2606:4700:3036::ac43:b81f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

8 Requests

88 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

51 kBTransfer

271 kBSize

1 Cookies

0 Outgoing links

Redirected requests

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

1 Cookies

3 Console Messages

Indicators

partneroffice.cl Open in urlscan Pro
2606:4700:3036::ac43:b81f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

8
Requests

88 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

51 kB
Transfer

271 kB
Size

1
Cookies

8 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!