amandacovach.com
104.244.79.148
Malicious Activity!
Public Scan
Submission Tags: @jcybersec_
Submission: On May 29 via api from GB
Summary
TLS certificate: Issued by cPanel, Inc. Certification Authority on May 13th 2020. Valid for: 3 months.
This is the only time amandacovach.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
17 | 104.244.79.148 | 53667 (PONYNET) |
17 | 1 |
Requests | Apex Domain / Subdomains | Transfer |
---|---|---|
17 | amandacovach.com | 614 KB |
17 | 1 |
Requests | Domain | Requested by |
---|---|---|
17 | amandacovach.com | amandacovach.com |
17 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
amandacovach.com | cPanel, Inc. Certification Authority | 2020-05-13 - 2020-08-11 | 3 months |
This page contains 1 frames:
Primary Page:
https://amandacovach.com/Santander-particulares/index.php
Frame ID: 9CF9A7617919B7B9C70E5CF99927A669
Requests: 17 HTTP requests in this frame
Detected technologies
PHP (Programming Languages)
Detected patterns
- url /\.php(?:$|\?)/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
17 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | index.php (Primary Request, Cookie set) | amandacovach.com/Santander-particulares/ | 8 KB | 9 KB | Document | text/html |
GET | H/1.1 | js | amandacovach.com/Santander-particulares/files/ | 111 KB | 111 KB | Script | text/plain |
GET | H/1.1 | conversion_async.js | amandacovach.com/Santander-particulares/files/ | 28 KB | 28 KB | Script | application/javascript |
GET | H/1.1 | gtm.js | amandacovach.com/Santander-particulares/files/ | 131 KB | 131 KB | Script | application/javascript |
GET | H/1.1 | login_and_register.css | amandacovach.com/Santander-particulares/files/ | 34 KB | 34 KB | Stylesheet | text/css |
GET | H/1.1 | fonts.css | amandacovach.com/Santander-particulares/files/ | 4 KB | 5 KB | Stylesheet | text/css |
GET | H/1.1 | nbp_popin.css | amandacovach.com/Santander-particulares/files/ | 4 KB | 4 KB | Stylesheet | text/css |
GET | H/1.1 | nbp_jquery.js | amandacovach.com/Santander-particulares/files/ | 102 KB | 102 KB | Script | application/javascript |
GET | H/1.1 | globaljs.js | amandacovach.com/Santander-particulares/files/ | 13 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | navigation_component.js | amandacovach.com/Santander-particulares/files/ | 12 KB | 13 KB | Script | application/javascript |
GET | H/1.1 | a | amandacovach.com/Santander-particulares/files/ | 43 B | 258 B | Script | text/plain |
GET | H/1.1 | santander-logo.svg | amandacovach.com/Santander-particulares/files/ | 3 KB | 4 KB | Image | image/svg+xml |
GET | H/1.1 | particulares.svg | amandacovach.com/Santander-particulares/files/ | 5 KB | 5 KB | Image | image/svg+xml |
GET | H/1.1 | login-image-0.svg | amandacovach.com/Santander-particulares/files/ | 14 KB | 14 KB | Image | image/svg+xml |
GET | H/1.1 | SantanderTextW05-Regular.woff2 | amandacovach.com/Santander-particulares/files/fonts/ | 46 KB | 46 KB | Font | font/woff2 |
GET | H/1.1 | SantanderTextW05-Bold.woff2 | amandacovach.com/Santander-particulares/files/fonts/ | 48 KB | 48 KB | Font | font/woff2 |
GET | H/1.1 | SantanderHeadlineW05-Bold.woff2 | amandacovach.com/Santander-particulares/files/fonts/ | 48 KB | 48 KB | Font | font/woff2 |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)
18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onformdata
- object| onpointerrawupdate
- object| google_tag_manager
- object| dataLayer
- function| GooglemKTybQhCsO
- function| google_trackConversion
- function| $
- function| jQuery
- number| MPUpgrade
- function| insertNodeFromIframe
- function| getObject
- function| doSelect
- function| swapClass
- function| _load_script
- object| NBP
- boolean| google_noFurtherRedirects
- number| FFextraHeight
- function| startdyncode1

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
amandacovach.com/ | | Name: PHPSESSID Value: ac2cca7f0df0e92f02c3d19ddd29508a |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
amandacovach.com
104.244.79.148