netbacoparticulares.site Open in urlscan Pro
2a06:98c1:3121::3  Malicious Activity!

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://netbacoparticulares.site/ Page URL
2. https://netbacoparticulares.site/login Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response netbacoparticulares.site/	666 B 1 KB	144ms 74ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 010f8c68c2cf79fa6fa3a7b31f014555b474e375c58c154fbdc62dd3c4c1cdef Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 71ec07e158a6b819-AMS content-encoding br content-type text/html; charset=utf-8 date Tue, 21 Jun 2022 10:23:47 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IX6wA3sirk8nA8oH34VKwZLQXzLEKIHZr2nJb7QSgQTyPSTgrD1Iv7jlTy4k%2BddFYPUxeRRdlgvcNHiURE76PkIXA0H%2B4ABzUq3pkMYRy%2FruUPdXJBQ8TKdClj5HTp6vM1VnCmby%2FO7sZx%2Fn3Hzhkbw%2FHj3rgnE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Express
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	103ms 28ms	Script application/javascript	2001:4de0:ac18::1:a:3a STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers Referer https://netbacoparticulares.site/ Origin https://netbacoparticulares.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding gzip last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx etag W/"28feccc0-15d9d" vary Accept-Encoding x-hw 1655807027.dop005.am5.t,1655807027.cds276.am5.hn,1655807027.cds210.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET H2	200	geo.js Show response get.geojs.io/v1/ip/	353 B 979 B	114ms 44ms	Script application/javascript	2606:4700:20::ac43:46e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://get.geojs.io/v1/ip/geo.js Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:46e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a68750623fa80e66ee0954cb97675278fd8ed0e9578b039a918e0d9aa316a3a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-request-id 25907d329af04946311cf6647671e2f6-AMS x-geojs-location AMS pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15552000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVZQgcmhT6U4gKsOHNddz%2FPq7OmYSzyCZeJ5FWq%2FJ8k1efKzBor0Lq9nxz4F0ZESL1b4xjsArFjSefp%2FWLFrIeM0P9jN5TFDHBQV%2FvkoDo6C%2FHvhwp5tGRN0nILaJgGjCRtrhOI9u9q82A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control no-store, no-cache, must-revalidate, private, max-age=0 cf-ray 71ec07e24fa2b710-AMS
GET H2	200	54KCMH2JI20P48DWBZG27SMUYA.html netbacoparticulares.site/	44 B 494 B	62ms 62ms	XHR text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/54KCMH2JI20P48DWBZG27SMUYA.html?ip=2a00:1630:2:1c02::6&loc=NL&city=Rotterdam&reg=South%20Holland Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Referer https://netbacoparticulares.site/ X-Requested-With XMLHttpRequest accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2B0zoIYkjxaSBcY7Jb3xns7pITLV1Du4XeUNw0PFL%2F71weBMeYmFpliJBw2SeF1MEQELVt8F4e7BkdFYrwC%2FT7pnIwVQEQ6Vg9LZhoHsQiP%2B72s2TgwLaadSWCDsysbWcqPpJlY8%2F30H312YTyeM57EJb2%2Bmxcw%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 cf-ray 71ec07e2ba0ab819-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	Primary Request login Show response netbacoparticulares.site/	8 KB 2 KB	70ms 70ms	Document text/html	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/login Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 70a2a09292d7d0d6f79530a5b4ad816b3d1a5cb99937d5a65cfef40ae57b9b62 Request headers Referer https://netbacoparticulares.site/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 71ec07e32df9b87e-AMS content-encoding br content-type text/html; charset=utf-8 date Tue, 21 Jun 2022 10:23:47 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F05phUsSmFY5f3qEUOHbzJsULLFh5Od6uuEzZ6Z82Pq%2Ftma4yQ3WUT8Pvy9xKrKnicMHqciwq34b%2B5wGzGiJ6kgcdMNBkf9dqJe9UNqnEMniourFk3lqDV2pI8RcLlLniR9SUkBKquslvGLOB8TRNDJ8yjsR8%2Fs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by Express
GET H3	200	login_and_register.css netbacoparticulares.site/ficheros/modern/css/	44 KB 9 KB	66ms 65ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/ficheros/modern/css/login_and_register.css?v=1655293257536 Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6e6fa84f10fb168b88343be650bc8c0a892154f189da86b72885916773c36342 Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br etag W/"ae30-1818172a840" cf-cache-status MISS last-modified Mon, 20 Jun 2022 14:09:44 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAqU%2B6hHBfqRKJri3fgROqyRVIr8a8CdUs8FYju5Lvtv5jo8dsojo4m11QCWciRiGaoTkuOwJEJqaQ%2BybnAD%2F47oDypUFLks%2BBsFXW6wZ2t0zcV1o4tUiHItsHSvnwD0bMJN6yoqKSK%2FlefJAmENFBwnMRcs17g%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71ec07e39f14b87e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	fonts.css netbacoparticulares.site/ficheros/modern/css/	4 KB 1 KB	61ms 60ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/ficheros/modern/css/fonts.css?v=1655293257536 Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 2f0e67192e014a837002fff61326afa99204d4b19c1b7c3d3a0c95fe4eea32df Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br etag W/"118b-1818172cf50" cf-cache-status MISS last-modified Mon, 20 Jun 2022 14:09:54 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c9PxpPl%2FiV796bJjXdKCKp%2B3B3vjdyjVI8iE7NXvrjB0aiXT9zLZyYzP6x%2FF5bLlpRDheco5IPAKIYLxvfWrRMJHQV4%2BZ2J1ddi%2B731sCs2%2FBf6op58eBhSxctXL4mSfFbFclFfOQXUNXkzV0uJFDhEE%2B1%2FOiw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71ec07e39f17b87e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	nbp_popin.css netbacoparticulares.site/ficheros/	4 KB 2 KB	83ms 83ms	Stylesheet text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/ficheros/nbp_popin.css?v=1655293257536 Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash a19999a6c4c3ced7c5b10218a9c57b2dbc23284893ca44c9e3ff15cfa1379386 Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br etag W/"ebc-1818172e6c0" cf-cache-status MISS last-modified Mon, 20 Jun 2022 14:10:00 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncnlh6faY48RvbWa5bHKF6rdjSaMjPJAFzy6Ejbfo7F65%2BFeSy9sWsIhtx7XoACBMlyLV0MSubd0mX2zzrzavGTx%2Fp06tlS3q1v8q4ek8KA28Sa9dSyhiDiYzqRl05HFMUZWfB4KzXCstelbuYGRuqnVxghQeEI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71ec07e39f18b87e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	santander-logo-red.svg netbacoparticulares.site/ficheros/modern/images/icons/	3 KB 2 KB	88ms 87ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netbacoparticulares.site/ficheros/modern/images/icons/santander-logo-red.svg Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5ba78ace4566a255ad507449ba7d10f5013f5e6ef6bc027dfcf762c3817aeac2 Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br etag W/"bc3-1818176d690" cf-cache-status MISS last-modified Mon, 20 Jun 2022 14:14:18 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BamElzemZvzqBKRKxtfdakxHm52HGlKpMuM8Wy24obCxPIU2v%2BvwCMSmJcAkmkDaQ8NuCz79QILNZQVjvXPLbbBtFAvDNtoHBD5GrblR6ST6Fx%2BcvUIjp3tbV6s99S8sNLidhlbQqPQ6fIT4qMyTX6YiQqlTt4Y%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71ec07e3cf58b87e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	login-image-0.svg netbacoparticulares.site/ficheros/modern/images/icons/	14 KB 5 KB	87ms 87ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netbacoparticulares.site/ficheros/modern/images/icons/login-image-0.svg Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 768a38021128a2657d6267b5681dc037f9cd59f7b3b2c42a9c39879811089b16 Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br etag W/"368e-181817cc230" cf-cache-status MISS last-modified Mon, 20 Jun 2022 14:20:46 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihxE2h9LU4B6gnlY28aKzZDBHZaAgqwaAF932WzkFsGSCulvzQDoBMG0lxEBZnYL0Me1Uiyb%2FJ%2BJyb4wrzD6%2F%2BUNG%2BO53EpLt1NCEi1r5AHIS8cU8Gs6wzEICNaWnq%2F%2F9gzG%2BuNkCWFdJtGTlvhqxO2afP1Sy5s%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71ec07e3cf5ab87e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	error-icon.svg netbacoparticulares.site/ficheros/modern/images/icons/	517 B 918 B	79ms 79ms	Image image/svg+xml	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netbacoparticulares.site/ficheros/modern/images/icons/error-icon.svg Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8e205ca689077232aa4e68ece422b47e83fcfb8da115d53fef7f71545786abdb Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br etag W/"205-18181845b80" cf-cache-status MISS last-modified Mon, 20 Jun 2022 14:29:04 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F6jV55YDEI5Ro%2FuKf81SzNOsoEyZpbHatXKlpQjnkYt62wFy8%2FjCzx92Kxdv5kngAO4NAr88oHQWVQTamvH%2BIVfrYzadXe3gur2cLn6bRR%2B9UvRmXFwwcPamMyz%2Fk0DBcRP2We4OfwfxHXasGhxg1Nm1LzzC2c%3D"}],"group":"cf-nel","max_age":604800} content-type image/svg+xml cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71ec07e3cf5cb87e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	jquery.min.js Show response netbacoparticulares.site/plugins/jquery/	87 KB 32 KB	91ms 90ms	Script application/javascript	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/plugins/jquery/jquery.min.js Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/login Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language nl-NL,nl;q=0.9 Referer https://netbacoparticulares.site/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT content-encoding br etag W/"15d9d-17ed4d13720" cf-cache-status MISS last-modified Mon, 07 Feb 2022 15:33:08 GMT server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRwHjni012FtMrgjcfYUEwgN%2FzfY1n2Qztfwq495%2FZHK%2BriagZLPQ%2F0JQAjaRmS9ZkpJxJEAb3RffXk5s9Hvvi%2FOiLiOxSry%2BB1ma1zdDIqVJKdA1vYz5KMN2Hbx4uxTG0zeMf%2FGAQ3ktGuxjHJKi8ECEzrIz8E%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 71ec07e3cf56b87e-AMS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	SantanderTextW05-Regular.woff2 netbacoparticulares.site/ficheros/modern/fonts/	46 KB 46 KB	60ms 60ms	Font font/woff2	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/ficheros/modern/fonts/SantanderTextW05-Regular.woff2 Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/ficheros/modern/css/fonts.css?v=1655293257536 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash df7abc314cf6e0380973cea5ad3cd7a4536b820d974162c9d94f534f539eef0b Request headers Referer https://netbacoparticulares.site/ficheros/modern/css/fonts.css?v=1655293257536 Origin https://netbacoparticulares.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 46640 last-modified Mon, 20 Jun 2022 14:14:56 GMT server cloudflare etag W/"b630-18181776b00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEGZ7nEAnqn%2FaTUoEbQHPMsRuXa1tgf3wCsgu43Dso0MsU3vDjay1plS8FO9Zsc09Pbpbjn4SFAy8RN5lBwRpO715CdAAyUkJAmvggrmTZjH4%2BRaFxnath8dA2rBR4hyvRF6%2BGnRNaHw%2BPVdZg7nWzfSD7n6BcE%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=14400 accept-ranges bytes cf-ray 71ec07e43843b87e-AMS
GET H3	200	SantanderHeadlineW05-Bold.woff2 netbacoparticulares.site/ficheros/modern/fonts/	48 KB 48 KB	84ms 83ms	Font font/woff2	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/ficheros/modern/fonts/SantanderHeadlineW05-Bold.woff2 Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/ficheros/modern/css/fonts.css?v=1655293257536 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash d9292f5aeb67c87cd795b51fcd918e5d2b5a5adb7fa66659e82ad4b67471e6d3 Request headers Referer https://netbacoparticulares.site/ficheros/modern/css/fonts.css?v=1655293257536 Origin https://netbacoparticulares.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 48884 last-modified Mon, 20 Jun 2022 14:31:32 GMT server cloudflare etag W/"bef4-18181869da0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyjOTkMvnbMOj12XLdmQuD1yaU6cWapAkqtQIvLvMtJraV7UIWQpNFjgixS2NJO0VzX9%2FzZ1J6ZGAof4zpILronF7tpJEd9mdywdLwq4S6EN7C%2FlCgZzMEGY7%2FezKE6fRRNV2811%2BY9ImU4v4wposL0pH348C4Y%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=14400 accept-ranges bytes cf-ray 71ec07e43856b87e-AMS
GET H3	200	SantanderTextW05-Bold.woff2 netbacoparticulares.site/ficheros/modern/fonts/	48 KB 49 KB	84ms 84ms	Font font/woff2	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netbacoparticulares.site/ficheros/modern/fonts/SantanderTextW05-Bold.woff2 Requested by Host: netbacoparticulares.site URL: https://netbacoparticulares.site/ficheros/modern/css/fonts.css?v=1655293257536 Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash ec6c6c35a35bb74b562f10541e42adcb73c8bf54fbbd2a2999078bde1a279e29 Request headers Referer https://netbacoparticulares.site/ficheros/modern/css/fonts.css?v=1655293257536 Origin https://netbacoparticulares.site accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 10:23:47 GMT cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 49072 last-modified Mon, 20 Jun 2022 14:31:22 GMT server cloudflare etag W/"bfb0-18181867690" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQgDNsbJP5s%2FsDH9CFUt2a50ZdIaooSfTKF6S%2BMv5nrsyPWHwKcDjmuxkQT3DrEinluJkp1dtaRnBLoFXG8ebpZMr1BRQYRyWqmuIDta%2B%2B3BXKsEBskaGhX2jaJft63kJMMjIyL8g5zVdpJMyx0i4vbegxMrI%2Fg%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=14400 accept-ranges bytes cf-ray 71ec07e4385ab87e-AMS

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Santander (Banking)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| $ function| jQuery

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			netbacoparticulares.site/	1970-01-20 04:11:48	Name: csrf-token Value: AYUMS72GZBWD84P02IJ2HMCK45
			netbacoparticulares.site/	1970-01-20 04:11:48	Name: visitor Value: 62b19c331b8aff5cd269b503
			netbacoparticulares.site/	1970-01-20 04:11:48	Name: userId Value: D6XOINPBZE5R9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
get.geojs.io
netbacoparticulares.site
2001:4de0:ac18::1:a:3a
2606:4700:20::ac43:46e9
2a06:98c1:3121::3
010f8c68c2cf79fa6fa3a7b31f014555b474e375c58c154fbdc62dd3c4c1cdef
2a68750623fa80e66ee0954cb97675278fd8ed0e9578b039a918e0d9aa316a3a
2f0e67192e014a837002fff61326afa99204d4b19c1b7c3d3a0c95fe4eea32df
5ba78ace4566a255ad507449ba7d10f5013f5e6ef6bc027dfcf762c3817aeac2
6e6fa84f10fb168b88343be650bc8c0a892154f189da86b72885916773c36342
70a2a09292d7d0d6f79530a5b4ad816b3d1a5cb99937d5a65cfef40ae57b9b62
768a38021128a2657d6267b5681dc037f9cd59f7b3b2c42a9c39879811089b16
8e205ca689077232aa4e68ece422b47e83fcfb8da115d53fef7f71545786abdb
a19999a6c4c3ced7c5b10218a9c57b2dbc23284893ca44c9e3ff15cfa1379386
d9292f5aeb67c87cd795b51fcd918e5d2b5a5adb7fa66659e82ad4b67471e6d3
df7abc314cf6e0380973cea5ad3cd7a4536b820d974162c9d94f534f539eef0b
ec6c6c35a35bb74b562f10541e42adcb73c8bf54fbbd2a2999078bde1a279e29
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e