www.ardanachlettings.co.uk
2606:4700:3030::681f:5f92
Malicious Activity!
Public Scan
Effective URL: https://www.ardanachlettings.co.uk/000/2/id732019722/a420d057e10f146fed117277ceeb13a3/idn/
Submission: On February 25 via manual from US
Summary
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on May 13th 2019. Valid for: a year.
This is the only time www.ardanachlettings.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Banque Postale (Banking), Banco BPI (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System
---|---|---
7 (2 redirects) | 2606:4700:3030::681f:5f92 | 13335 (CLOUDFLARENET)
6 | 185.26.46.13 | 25479 (IC2-AS)
13 | 3 |
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
7 (2 redirects) | ardanachlettings.co.uk | www.ardanachlettings.co.uk | 18 KB
6 | bancobpi.pt | bpinet.bancobpi.pt | 90 KB
13 | 2 | |
Requests | Domain | Requested by
---|---|---
7 (2 redirects) | www.ardanachlettings.co.uk | www.ardanachlettings.co.uk
6 | bpinet.bancobpi.pt | www.ardanachlettings.co.uk
13 | 2 |
This site contains no links.
Subject | Issuer | Validity | Valid
---|---|---|---
sni.cloudflaressl.com | CloudFlare Inc ECC CA-2 | 2019-05-13 - 2020-05-13 | a year
bpinet.bancobpi.pt | MarketWare - Soluções para Mercados Digitais, Lda. RSA EV CA | 2019-04-03 - 2021-04-02 | 2 years
This page contains 1 frames:
Primary Page:
https://www.ardanachlettings.co.uk/000/2/id732019722/a420d057e10f146fed117277ceeb13a3/idn/
Frame ID: 5AB5B4082A404DEA18B5EFE68627849D
Requests: 13 HTTP requests in this frame
Detected technologies
Windows Server
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Microsoft ASP.NET
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
IIS
Detected patterns
- html /<input[^>]+name="__VIEWSTATE/i
Detected patterns
- headers server /^cloudflare$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.ardanachlettings.co.uk///000/2/id732019722 (HTTP 301)
- https://www.ardanachlettings.co.uk/000/2/id732019722/ (HTTP 302)
- https://www.ardanachlettings.co.uk/000/2/id732019722/a420d057e10f146fed117277ceeb13a3/idn/ (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H2 | / (Primary Request, Redirect Chain) | www.ardanachlettings.co.uk/000/2/id732019722/a420d057e10f146fed117277ceeb13a3/idn/ | 11 KB | 3 KB | Document | text/html
GET | H2 | Icon.css | www.ardanachlettings.co.uk/000/2/id732019722/a420d057e10f146fed117277ceeb13a3/idn/log_files/ | 170 B | 202 B | Stylesheet | text/css
GET | H/1.1 | Theme.LT_BPINet_Modern.css | bpinet.bancobpi.pt/LT_BPINet/ | 389 KB | 57 KB | Stylesheet | text/css
GET | H/1.1 | Theme.LT_BPINet_Modern.extra.css | bpinet.bancobpi.pt/LT_BPINet/ | 4 KB | 1 KB | Stylesheet | text/css
GET | H2 | Logo_BPI.png | www.ardanachlettings.co.uk/000/2/id732019722/a420d057e10f146fed117277ceeb13a3/idn/log_files/ | 11 KB | 11 KB | Image | image/png
GET | H2 | BPINet_login.png | www.ardanachlettings.co.uk/000/2/id732019722/a420d057e10f146fed117277ceeb13a3/idn/log_files/ | 3 KB | 4 KB | Image | image/png
GET | H2 | Theme.FontAwesome.css | www.ardanachlettings.co.uk/RichWidgets/ | 0 | 0 | Stylesheet | text/html
GET | H/1.1 | Theme.Patterns_SilkUI.css | bpinet.bancobpi.pt/WebPatterns/ | 132 KB | 21 KB | Stylesheet | text/css
GET | H/1.1 | Theme.LT_BPI_Icons.css | bpinet.bancobpi.pt/LT_BPI/ | 2 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | Theme.LT_BPIFont.css | bpinet.bancobpi.pt/LT_BPI/ | 19 KB | 4 KB | Stylesheet | text/css
GET | H/1.1 | Theme.FontAwesome.css | bpinet.bancobpi.pt/RichWidgets/ | 30 KB | 6 KB | Stylesheet | text/css
GET | | TradeGothicLTW05-Bold.woff | bpinet.bancobpi.pt/LT_BPI/fonts/ | 0 | 0 | |
GET | | TradeGothicLTW05-Bold.ttf | bpinet.bancobpi.pt/LT_BPI/fonts/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: bpinet.bancobpi.pt
  URL: https://bpinet.bancobpi.pt/LT_BPI/fonts/TradeGothicLTW05-Bold.woff
- Domain: bpinet.bancobpi.pt
  URL: https://bpinet.bancobpi.pt/LT_BPI/fonts/TradeGothicLTW05-Bold.ttf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Banque Postale (Banking), Banco BPI (Banking)
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.