Suspicious

Phishings targeting Banco Santander

Suspicious and active websites

Phishings targeting Santander

Suspicious and active websites

Active

New (7d)

Trend (7d)

—

Website: bancosantander.es
About: AIRetail banking phishing concentrated in Spain, UK, Latin America. Mimics the personal banking login and OTP confirmation flow.
Hosts: Cloudflare, Inc. (2) · acens AS (1) · Amazon.com, Inc. (1)
Countries: United States (3) · Spain (1)
TLS certs: WR1 (1) · R12 (1) · Google Trust Services (1)

These are suspicious websites that could potentially be a phishing threat. The confidence is not always 100%.
It is strongly recommended to use them for Threat Hunting or add them to a Watchlist.

Last check (UTC)	First seen (UTC) ▾	URL	Flags	Details
2026-05-09 13:30	2026-05-07 13:03	https://santanderaumenta.pages.dev/index.php	OpenPhish urlscan	Details
2026-05-09 13:30	2026-04-15 13:05	https://santandervyg.transcom-fs.com	PhishTank	Details
2026-05-09 13:30	2026-04-05 17:13	https://santanderbet317.com	urlscan	Details
2026-05-09 13:30	2026-04-03 13:01	http://leia-santander.vercel.app	GSB OpenPhish	Details

URL	Screenshot	Details
https://santanderaumenta.page… OpenPhish urlscan		Details
https://santandervyg.transcom… PhishTank		Details
https://santanderbet317.com urlscan		Details
http://leia-santander.vercel.… GSB OpenPhish		Details