Report - portalsecurecgd.com/CGD/login.php

Report Overview

Submitted URL
portalsecurecgd.com/CGD/login.php
IP
91.215.85.79
ASN
#200593 Prospero Ooo
Submitted
2024-05-10 17:47:36
Access
public
Website Title
CGD
Final URL
portalsecurecgd.com/CGD/login.php
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
portalsecurecgd.com	unknown	unknown	No data	No data	3.9 kB	213 kB	91.215.85.79
static.cgd.pt	418020	1992-11-06	2017-02-04	2024-05-08	450 B	4.9 kB	195.234.134.176
cdn.contactcenterworld.com	unknown	2000-05-27	2019-08-15	2023-09-08	481 B	941 B	185.76.9.19

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	portalsecurecgd.com/CGD/login.php	Generic/Spear Phishing

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	portalsecurecgd.com/CGD/files/jquery.js	90 kB	2023-03-07	2024-05-20
Pretty URL portalsecurecgd.com/CGD/files/jquery.js IP 91.215.85.79 ASN #200593 Prospero Ooo Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-05-20 02:07:28 Times Seen6144 Hash 3e4bb227fb55271bfe9c9d4a09147bd8 156837f75f6600ccb602b4efcbd393636c33f35e ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127 Loading...

HTTP Transactions (10)

URL IP Response Size

portalsecurecgd.com/CGD/files/jquery.js

91.215.85.79

200 OK

30 kB

URL GET HTTP/3
portalsecurecgd.com/CGD/files/jquery.js
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type
JavaScript source, ASCII text, with very long lines (65446), with CRLF line terminators
Size
30 kB (30260 bytes)
Hash
3e4bb227fb55271bfe9c9d4a09147bd8
156837f75f6600ccb602b4efcbd393636c33f35e
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

HTTP Headers

GET /CGD/files/jquery.js HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/CGD/login.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/javascript
last-modified: Wed, 05 Jan 2022 07:59:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30260
date: Fri, 10 May 2024 17:47:12 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

portalsecurecgd.com/CGD/files/login_and_register.css

91.215.85.79

200 OK

7.4 kB

URL GET HTTP/3
portalsecurecgd.com/CGD/files/login_and_register.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
7.4 kB (7387 bytes)
Hash
2fae4bc1613080360921bf572e71ea87
320bd6685cfe8e482f5e201924d8882150a20d40
4dc8a1053a0600cdfcdc74f9814dff2b4e1abbefd9d3d0badf23f35f588e5471

HTTP Headers

GET /CGD/files/login_and_register.css HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/CGD/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 17:47:12 GMT
content-type: text/css
last-modified: Thu, 06 Jan 2022 04:20:26 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7387
date: Fri, 10 May 2024 17:47:12 GMT

portalsecurecgd.com/CGD/files/nbp_popin.css

91.215.85.79

200 OK

1.1 kB

URL GET HTTP/3
portalsecurecgd.com/CGD/files/nbp_popin.css
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1066 bytes)
Hash
28a619dd2efb18d5ce48c1b74dd1c2c3
9ca9900574eed7e670006d415c1d955a03d07d8a
51a77b84fd1e0904911e2e93d0c39e562473ef9602624aa97161a36fd8937faa

HTTP Headers

GET /CGD/files/nbp_popin.css HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/CGD/login.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 17:47:12 GMT
content-type: text/css
last-modified: Thu, 06 Jan 2022 04:20:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1066
date: Fri, 10 May 2024 17:47:12 GMT

portalsecurecgd.com/ficheros/modern/images/icons/eye-icon_show.svg

91.215.85.79

404 Not Found

708 B

URL GET HTTP/3
portalsecurecgd.com/ficheros/modern/images/icons/eye-icon_show.svg
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

HTTP Headers

GET /ficheros/modern/images/icons/eye-icon_show.svg HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/CGD/files/login_and_register.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Fri, 10 May 2024 17:47:12 GMT

static.cgd.pt/staticCMS/cdo/global/img/logo_CDO.gif

195.234.134.176

200 OK

4.5 kB

URL GET HTTP/1.1
static.cgd.pt/staticCMS/cdo/global/img/logo_CDO.gif
IP
195.234.134.176:443
ASN
#25253 Caixa Geral De Depositos, SA

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerDigiCert Inc
Subjectstatic.cgd.pt
Fingerprint9D:03:45:44:DA:F4:F4:C4:E9:C1:76:40:96:72:21:19:21:2E:5B:9F
ValidityFri, 30 Jun 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT

File type
PNG image data, 227 x 44, 8-bit/color RGBA, non-interlaced
Size
4.5 kB (4487 bytes)
Hash
bf95adabac975cfabf683cea4375cdd6
a93902a60b868f39b76729142ebcd4c462660a00
174b3bb7c4416bd675d599afc18ee42cfb8ee6960eaec96f1bb1c65e7c5185a6

HTTP Headers

GET /staticCMS/cdo/global/img/logo_CDO.gif HTTP/1.1
Host: static.cgd.pt
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 10 May 2024 17:46:59 GMT
X-Frame-Options: SAMEORIGIN
ETag: W/"4487-1432181889000"
Last-Modified: Thu, 21 May 2015 04:18:09 GMT
Content-Type: image/gif;charset=utf-8
Content-Length: 4487
X-XSS-Protection: 1; mode=block
Cache-control: private
Age: 13
X-Cache: HIT
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type

portalsecurecgd.com/CGD/files/SantanderTextW05-Regular.woff

91.215.85.79

200 OK

46 kB

URL GET HTTP/3
portalsecurecgd.com/CGD/files/SantanderTextW05-Regular.woff
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type
Web Open Font Format, TrueType, length 46268, version 1.0
Size
46 kB (46268 bytes)
Hash
ce966ea6470e77ea66fa28923428ee9f
e0652b2b341269d2a489b66b56a01b276b88f935
78e528416f0569f2ff89bfb0dcf524f9b27a9fd847fe5e85e150f2b39fdff090

HTTP Headers

GET /CGD/files/SantanderTextW05-Regular.woff HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/CGD/login.php
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Fri, 17 May 2024 17:47:12 GMT
content-type: font/woff
last-modified: Sat, 27 Mar 2021 02:51:44 GMT
accept-ranges: bytes
content-length: 46268
date: Fri, 10 May 2024 17:47:12 GMT

cdn.contactcenterworld.com/images/company/caixa-geral-de-depositos-1200px-logo.png

185.76.9.19

404 Not Found

564 B

URL GET HTTP/2
cdn.contactcenterworld.com/images/company/caixa-geral-de-depositos-1200px-logo.png
IP
185.76.9.19:443
ASN
#60068 Datacamp Limited

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subject1271207372.rsc.cdn77.org
Fingerprint8C:D8:32:11:6F:1A:C8:D0:D6:24:E0:27:5B:21:4A:08:9D:03:7D:E4
ValidityFri, 22 Mar 2024 00:34:31 GMT - Thu, 20 Jun 2024 00:34:30 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
564 B (564 bytes)
Hash
8e325dc2fea7c8900fc6c4b8c6c394fe
1b3291d4eea179c84145b2814cb53e6a506ec201
0b52c5338af355699530a47683420e48c7344e779d3e815ff9943cbfdc153cf2

HTTP Headers

GET /images/company/caixa-geral-de-depositos-1200px-logo.png HTTP/1.1
Host: cdn.contactcenterworld.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 10 May 2024 17:47:12 GMT
content-type: text/html
content-length: 564
x-77-nzt: EwgBuUwJDQFBDAG5TAoTAbPMBAAADAGckiEnAfcJAAAA
x-77-nzt-ray: c0a4cc2867fcad4ba05d3e66a841ea17
x-accel-expires: @1715363283
x-accel-date: 1715362004
x-77-cache: HIT
x-77-age: 1237
server: CDN77-Turbo
x-cache: MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

portalsecurecgd.com/ficheros/modern/images/icons/apple-touch-icon.png

91.215.85.79

404 Not Found

708 B

URL GET HTTP/3
portalsecurecgd.com/ficheros/modern/images/icons/apple-touch-icon.png
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

HTTP Headers

GET /ficheros/modern/images/icons/apple-touch-icon.png HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/CGD/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Fri, 10 May 2024 17:47:12 GMT

portalsecurecgd.com/ficheros/modern/images/icons/santander-icon.svg

91.215.85.79

404 Not Found

708 B

URL GET HTTP/3
portalsecurecgd.com/ficheros/modern/images/icons/santander-icon.svg
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Requested by
https://portalsecurecgd.com/CGD/login.php
Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

HTTP Headers

GET /ficheros/modern/images/icons/santander-icon.svg HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://portalsecurecgd.com/CGD/login.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Fri, 10 May 2024 17:47:12 GMT

portalsecurecgd.com/CGD/login.php

91.215.85.79

200 OK

124 kB

URL User Request GET HTTP/2
portalsecurecgd.com/CGD/login.php
IP
91.215.85.79:443
ASN
#200593 Prospero Ooo

Certificate
IssuerLet's Encrypt
Subjectportalsecurecgd.com
Fingerprint8E:17:59:D1:AD:B9:BE:12:17:94:8E:38:89:6F:D6:1E:E6:80:B7:3D
ValidityThu, 09 May 2024 13:49:59 GMT - Wed, 07 Aug 2024 13:49:58 GMT

File type

Size
124 kB (123649 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Generic/Spear Phishing

HTTP Headers

GET /CGD/login.php HTTP/1.1
Host: portalsecurecgd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Fri, 10 May 2024 17:47:11 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (10)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3