sd-3038361-h00031.ferozo.net
168.181.185.116
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report
Submission: On December 28 via api from FI — Scanned from FI
Summary
This is the only time sd-3038361-h00031.ferozo.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
5 | 168.181.185.116 | 27823 (Dattatec.com)
1 | 2a00:1450:400d:807::200a | 15169 (GOOGLE)
2 | 200.61.38.87 | 20305 (Banco Rio de la Plata S.A.)
1 | 2a00:1450:400d:806::2003 | 15169 (GOOGLE)
9 (requests) | 5 (IP addresses) |

ASN27823 (Dattatec.com, AR)
PTR: vps-3038361-x.dattaweb.com
sd-3038361-h00031.ferozo.net

ASN20305 (Banco Rio de la Plata S.A., AR)
PTR: www.personas.santander.com.ar
www2.personas.santander.com.ar
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | ferozo.net | sd-3038361-h00031.ferozo.net | 510 KB
2 | santander.com.ar | www2.personas.santander.com.ar (Cisco Umbrella Rank: 777665) | 7 KB
1 | gstatic.com | fonts.gstatic.com | 44 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 127) | 1 KB
9 (requests) | 4 (apex domains) | |
Requests | Domain | Requested by
---|---|---
5 | sd-3038361-h00031.ferozo.net | sd-3038361-h00031.ferozo.net
2 | www2.personas.santander.com.ar | sd-3038361-h00031.ferozo.net
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | sd-3038361-h00031.ferozo.net
9 (requests) | 4 (domains) |
This site contains links to these domains. Also see Links.
Domain
---
www.santander.com.ar
Subject | Issuer | Validity | Valid
---|---|---|---
upload.video.google.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
www.personas.santander.com.ar | Entrust Certification Authority - L1M | 2022-04-20 - 2023-05-19 | a year
*.gstatic.com | GTS CA 1C3 | 2022-11-28 - 2023-02-20 | 3 months
This page contains 1 frame:
Primary Page:
http://sd-3038361-h00031.ferozo.net/
Frame ID: D9B16160EE9FF4505DAC6414D2891873
Requests: 23 HTTP requests in this frame
Page Title
Online Banking Santander | Inicio de Sesión (Santander Online Banking | Login)
Detected technologies
Google Font API (Font Scripts)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Conocé más consejos de seguridad (Learn more security tips)
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---
GET | H/1.1 | / (Primary Request) | sd-3038361-h00031.ferozo.net/ | 804 KB | 367 KB | Document | text/html
GET | H2 | css | fonts.googleapis.com/ | 8 KB | 1 KB | Stylesheet | text/css
GET | H/1.1 | 101.2022-12-15_15-28-25.053500ab0dff1bc02f8e.css | sd-3038361-h00031.ferozo.net/css/ | 321 KB | 39 KB | Stylesheet | text/css
GET | H/1.1 | app.2022-12-15_15-28-25.29ff2870d5543706b314.css | sd-3038361-h00031.ferozo.net/css/ | 631 KB | 76 KB | Stylesheet | text/css
GET | H/1.1 | 3.2022-12-15_15-28-25.6e48d57773c68a2487b2.css | sd-3038361-h00031.ferozo.net/css/ | 37 KB | 6 KB | Stylesheet | text/css
GET | DATA | truncated | / | 3 KB | 3 KB | Image | img/png
GET | DATA | truncated | / | 102 KB | 0 | Image | image/png
GET | DATA | truncated | / | 11 KB | 11 KB | Image | img/png
GET | DATA | truncated | / | 2 KB | 2 KB | Image | img/png
GET | DATA | truncated | / | 11 KB | 11 KB | Image | img/png
GET | DATA | truncated | / | 2 KB | 2 KB | Image | img/png
GET | DATA | truncated | / | 10 KB | 10 KB | Image | img/png
GET | DATA | truncated | / | 18 KB | 18 KB | Image | img/png
GET | DATA | truncated | / | 16 KB | 0 | Image | image/png
GET | DATA | truncated | / | 964 B | 0 | Image | image/png
GET | DATA | truncated | / | 818 B | 0 | Image | image/png
GET | DATA | truncated | / | 1 KB | 0 | Image | image/png
GET | DATA | truncated | / | 513 B | 0 | Image | image/png
GET | DATA | truncated | / | 2 KB | 0 | Image | image/png
GET | H/1.1 | desktop-sr.svg | www2.personas.santander.com.ar/obp-webapp/angular/client/app/common/images/logos-topbar/logos-rojos/ | 3 KB | 4 KB | Image | image/svg+xml
GET | H/1.1 | not_view.svg | www2.personas.santander.com.ar/obp-webapp/angular/client/app/common/images/ | 2 KB | 3 KB | Image | image/svg+xml
GET | H/1.1 | Ilustracion.svg | sd-3038361-h00031.ferozo.net/css/ | 22 KB | 22 KB | Image | image/svg+xml
GET | H2 | memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | fonts.gstatic.com/s/opensans/v34/ | 44 KB | 44 KB | Font | font/woff2
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name
---|---
object | oncontentvisibilityautostatechange
0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, allowing the site to re-identify the user even from a different location. This is how persistent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.