superlinha-santander.com
Open in
urlscan Pro
2606:4700:3035::6815:14b0
Malicious Activity!
Public Scan
Submission: On January 08 via manual from ES — Scanned from ES
Summary
TLS certificate: Issued by GTS CA 1P5 on January 7th 2024. Valid for: 3 months.
This is the only time superlinha-santander.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 2606:4700:303... 2606:4700:3035::6815:14b0 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 45.60.197.69 45.60.197.69 | 19551 (INCAPSULA) (INCAPSULA) | |
13 | 3 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
santander.pt
www.particulares.santander.pt — Cisco Umbrella Rank: 374491 |
14 KB |
1 |
superlinha-santander.com
superlinha-santander.com |
2 KB |
13 | 2 |
Domain | Requested by | |
---|---|---|
3 | www.particulares.santander.pt |
superlinha-santander.com
www.particulares.santander.pt |
1 | superlinha-santander.com | |
13 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
superlinha-santander.com GTS CA 1P5 |
2024-01-07 - 2024-04-06 |
3 months | crt.sh |
www.particulares.santander.pt Entrust Certification Authority - L1M |
2023-02-01 - 2024-02-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://superlinha-santander.com/
Frame ID: A4227CF171909B711EF07D1B0AE79C63
Requests: 13 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
superlinha-santander.com/ |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login_and_register.css
www.particulares.santander.pt/ficheros/modern/css/ |
44 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts.css
www.particulares.santander.pt/ficheros/modern/css/ |
4 KB 825 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login-image-0.svg
www.particulares.santander.pt/ficheros/modern/images/icons/ |
14 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderTextW05-Regular.woff2
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderHeadlineW05-Bold.woff2
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderTextW05-Bold.woff2
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderTextW05-Regular.woff
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderHeadlineW05-Bold.woff
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderTextW05-Bold.woff
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderTextW05-Regular.ttf
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderHeadlineW05-Bold.ttf
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
SantanderTextW05-Bold.ttf
www.particulares.santander.pt/ficheros/modern/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff2
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff2
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff2
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.woff
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.woff
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Regular.ttf
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderHeadlineW05-Bold.ttf
- Domain
- www.particulares.santander.pt
- URL
- https://www.particulares.santander.pt/ficheros/modern/fonts/SantanderTextW05-Bold.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.particulares.santander.pt/ | Name: visid_incap_2833896 Value: gkbKNt+1QpO0U97Xg29tmKg3nGUAAAAAQUIPAAAAAACfBJi34LG10BeG7ATi9rA7 |
|
.particulares.santander.pt/ | Name: incap_ses_314_2833896 Value: d/KyQq2+wCy2D8zOb41bBKg3nGUAAAAAIlgifcNhYP4W64fldgBRSw== |
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
superlinha-santander.com
www.particulares.santander.pt
www.particulares.santander.pt
2606:4700:3035::6815:14b0
45.60.197.69
2f0e67192e014a837002fff61326afa99204d4b19c1b7c3d3a0c95fe4eea32df
768a38021128a2657d6267b5681dc037f9cd59f7b3b2c42a9c39879811089b16
948213e5149ae982d063fc29530c0da4d93e69ba9767003eaa510f185ab52c8d
f382fc3561e74b8cbecdbb1b22f0b1caa97b8446cee08ecbba35e2169221c490