clientesantandermys.zapto.org
51.15.214.188
Malicious Activity!
Public Scan
Effective URL: http://clientesantandermys.zapto.org/index-pj.php
Submission: On February 06 via automatic, source openphish
Summary
This is the only time clientesantandermys.zapto.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 2 | 82.179.140.4 | 8398 (TVERSU Russia) |
23 | 51.15.214.188 | 12876 (AS12876) |
24 | 2 | |
ASN8398 (TVERSU Russia, Tver, RU)
PTR: cnit.tstu.tver.ru
evm.tstu.tver.ru
ASN12876 (AS12876, FR)
PTR: 188-214-15-51.rev.cloud.scaleway.com
clientesantandermys.zapto.org
| Apex Domain | Subdomains | Transfer |
---|---|---|---|
23 | zapto.org | clientesantandermys.zapto.org | 1 MB |
2 | tver.ru (1 redirects) | evm.tstu.tver.ru | 845 B |
24 | 2 | | |
| Domain | Requested by |
---|---|---|
23 | clientesantandermys.zapto.org | clientesantandermys.zapto.org |
2 | evm.tstu.tver.ru | 1 redirects |
24 | 2 | |
This site contains no links.
Subject Issuer | Validity | Valid |
---|---|---|
This page contains 1 frames:
Primary Page:
http://clientesantandermys.zapto.org/index-pj.php
Frame ID: (B57854075E90ABDE6B76FF6FF7CB3E6)
Requests: 24 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages)
Detected patterns
- headers server /php\/?([\d.]+)?/i
UNIX (Operating Systems)
Detected patterns
- headers server /Unix/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Modernizr (JavaScript Libraries)
Detected patterns
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
- env /^Modernizr$/i
jQuery (JavaScript Libraries)
Detected patterns
- env /^jQuery$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://evm.tstu.tver.ru/language/pt-PT (HTTP 301) → http://evm.tstu.tver.ru/language/pt-PT/ Page URL
- http://clientesantandermys.zapto.org/ Page URL
- http://clientesantandermys.zapto.org/index-pj.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://evm.tstu.tver.ru/language/pt-PT HTTP 301
- http://evm.tstu.tver.ru/language/pt-PT/
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | evm.tstu.tver.ru/language/pt-PT/ | 73 B | 535 B | Document | text/html | Cookie set; Redirect Chain |
GET | H/1.1 | / | clientesantandermys.zapto.org/ | 185 B | 410 B | Document | text/html | |
GET | H/1.1 | index-pj.php | clientesantandermys.zapto.org/ | 70 KB | 8 KB | Document | text/html | Primary Request; Cookie set |
GET | H/1.1 | modernizr.js | clientesantandermys.zapto.org/index_files/ | 11 KB | 5 KB | Script | application/javascript | |
GET | H/1.1 | main.css | clientesantandermys.zapto.org/index_files/ | 140 KB | 24 KB | Stylesheet | text/css | |
GET | H/1.1 | main(1).css | clientesantandermys.zapto.org/index_files/ | 389 KB | 63 KB | Stylesheet | text/css | |
GET | H/1.1 | custom.css | clientesantandermys.zapto.org/inside/files/ | 505 B | 557 B | Stylesheet | text/css | |
GET | H/1.1 | saved_resource.css | clientesantandermys.zapto.org/index_files/ | 270 B | 486 B | Stylesheet | text/css | |
GET | H/1.1 | BlobServer | clientesantandermys.zapto.org/index_files/ | 2 KB | 2 KB | Image | image/gif | |
GET | H/1.1 | i6.jpg | clientesantandermys.zapto.org/index_files/ | 134 KB | 135 KB | Image | image/jpeg | |
GET | H/1.1 | pp1.png | clientesantandermys.zapto.org/index_files/ | 607 KB | 608 KB | Image | image/png | |
GET | H/1.1 | pp2.png | clientesantandermys.zapto.org/index_files/ | 218 KB | 218 KB | Image | image/png | |
GET | H/1.1 | respond.js | clientesantandermys.zapto.org/index_files/ | 9 KB | 4 KB | Script | application/javascript | |
GET | H/1.1 | jquery-2.1.4.min.js | clientesantandermys.zapto.org/index_files/ | 82 KB | 29 KB | Script | application/javascript | |
GET | H/1.1 | main2.js | clientesantandermys.zapto.org/index_files/ | 2 KB | 1000 B | Script | application/javascript | |
GET | H/1.1 | cookie.js | clientesantandermys.zapto.org/common/ | 4 KB | 2 KB | Script | application/javascript | |
GET | H/1.1 | tela.js | clientesantandermys.zapto.org/common/ | 17 KB | 3 KB | Script | application/javascript | |
GET | H/1.1 | frutiger-light-webfont.woff | clientesantandermys.zapto.org/fonts/ | 20 KB | 21 KB | Font | application/font-woff | |
GET | H/1.1 | bg-loginBRacc.png | clientesantandermys.zapto.org/img/ | 169 B | 452 B | Image | image/png | |
GET | H/1.1 | arrow_left01.png | clientesantandermys.zapto.org/img/ | 313 B | 313 B | Image | text/html | |
GET | H/1.1 | arrow_down01.png | clientesantandermys.zapto.org/img/ | 988 B | 1 KB | Image | image/png | |
GET | H/1.1 | ico_padlock.png | clientesantandermys.zapto.org/img/ | 1 KB | 1 KB | Image | image/png | |
GET | H/1.1 | tooltip_alert.png | clientesantandermys.zapto.org/img/ | 314 B | 314 B | Image | text/html | |
GET | H/1.1 | FrRoman.woff | clientesantandermys.zapto.org/fonts/ | 14 KB | 14 KB | Font | application/font-woff | |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)
44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | html5 |
object | Modernizr |
function | yepnope |
string | API_URL |
object | API |
object | User |
object | Tela |
string | uAG |
object | elemCPF |
object | respond |
function | $ |
function | jQuery |
function | validarConta |
function | validarCpf |
function | Cookies |
object | body |
object | active_page |
boolean | isWaiting |
object | formElement |
function | parseIndex |
function | parseSenha |
function | parseTokenFisica |
function | parseTabelaPosicao |
function | parseCadastrarCel |
function | parseTabelaCompleta |
function | parseTabelaReferencia |
function | parseIndexJuridica |
function | parseTeclado |
function | parseAssinatura |
function | parseAssinaturaSerie |
function | parseSOASS |
function | parseqrcode |
function | parsesmsjuju |
function | parseToken |
function | submitAndWaitForAknowledge |
function | doLoop |
function | wait |
function | waitToken |
function | createLink |
function | EncodeQueryData |
function | ack |
function | heartbeat |
function | offlineOrRepeat |
function | setFields1 |
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
clientesantandermys.zapto.org/ | | Name: PHPSESSID Value: pc56otl9jfn5sc20jb8hco92c6 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
clientesantandermys.zapto.org
evm.tstu.tver.ru
51.15.214.188
82.179.140.4