www.santander.co.uk-authorize-activity.review
66.29.137.15
Malicious Activity!
Public Scan
Effective URL: https://www.santander.co.uk-authorize-activity.review/a1b2c3/6f6ecaf2de3b980354d11d6ee2629ab3/login/
Submission: On June 15 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 15th 2021. Valid for: a year.
This is the only time www.santander.co.uk-authorize-activity.review was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
35 (2 redirects) | 66.29.137.15 | 22612 (NAMECHEAP-NET) |
33 | 1 |
ASN22612 (NAMECHEAP-NET, US)
PTR: business148-1.web-hosting.com
www.santander.co.uk-authorize-activity.review |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
35 (2 redirects) | uk-authorize-activity.review: www.santander.co.uk-authorize-activity.review | 452 KB |
33 | 1 |
 | Domain | Requested by |
---|---|---|
35 (2 redirects) | www.santander.co.uk-authorize-activity.review | www.santander.co.uk-authorize-activity.review |
33 | 1 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
santander.co.uk-authorize-activity.review | Sectigo RSA Domain Validation Secure Server CA | 2021-06-15 - 2022-06-15 | a year |
This page contains 1 frames:
Primary Page:
https://www.santander.co.uk-authorize-activity.review/a1b2c3/6f6ecaf2de3b980354d11d6ee2629ab3/login/
Frame ID: 9D42FE8EDF678B8F92B9C9B094CAAF07
Requests: 33 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Font Awesome (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://www.santander.co.uk-authorize-activity.review/ Page URL
- https://www.santander.co.uk-authorize-activity.review/a1b2c3/6f6ecaf2de3b980354d11d6ee2629ab3 HTTP 301
  https://www.santander.co.uk-authorize-activity.review/a1b2c3/6f6ecaf2de3b980354d11d6ee2629ab3/ HTTP 302
  https://www.santander.co.uk-authorize-activity.review/a1b2c3/6f6ecaf2de3b980354d11d6ee2629ab3/login/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / | www.santander.co.uk-authorize-activity.review/ | 728 B | 790 B | Document | text/html |
GET | H2 | / (Primary Request) | www.santander.co.uk-authorize-activity.review/a1b2c3/6f6ecaf2de3b980354d11d6ee2629ab3/login/ (Redirect Chain) | 17 KB | 4 KB | Document | text/html |
GET | H2 | jquery.min.js | www.santander.co.uk-authorize-activity.review/bower_components/jquery/dist/ | 85 KB | 30 KB | Script | application/javascript |
GET | H2 | ua-parser.min.js | www.santander.co.uk-authorize-activity.review/bower_components/ua-parser-js/dist/ | 17 KB | 6 KB | Script | application/javascript |
GET | H2 | font-awesome.min.css | www.santander.co.uk-authorize-activity.review/bower_components/font-awesome/css/ | 30 KB | 7 KB | Stylesheet | text/css |
GET | H2 | core_form.js | www.santander.co.uk-authorize-activity.review/core/form/ | 18 KB | 5 KB | Script | application/javascript |
GET | H2 | core_token.js | www.santander.co.uk-authorize-activity.review/core/token/ | 14 KB | 2 KB | Script | application/javascript |
GET | H2 | core_form.css | www.santander.co.uk-authorize-activity.review/core/form/ | 5 KB | 1 KB | Stylesheet | text/css |
GET | H2 | angular.min.js | www.santander.co.uk-authorize-activity.review/bower_components/angular/ | 165 KB | 58 KB | Script | application/javascript |
GET | H2 | css.css | www.santander.co.uk-authorize-activity.review/login/form/ | 2 KB | 693 B | Stylesheet | text/css |
GET | H2 | styles.9bd92f791a36a38fcaea.css | www.santander.co.uk-authorize-activity.review/login/ | 231 KB | 31 KB | Stylesheet | text/css |
GET | H2 | asset-3-3-x@2x.png | www.santander.co.uk-authorize-activity.review/login/ | 77 KB | 77 KB | Image | image/png |
GET | H2 | header-logo.png | www.santander.co.uk-authorize-activity.review/login/ | 3 KB | 3 KB | Image | image/png |
GET | H2 | alert.svg | www.santander.co.uk-authorize-activity.review/login/ | 773 B | 722 B | Image | image/svg+xml |
GET | H2 | asset-2.png | www.santander.co.uk-authorize-activity.review/login/ | 3 KB | 4 KB | Image | image/png |
GET | H2 | form.js | www.santander.co.uk-authorize-activity.review/login/form/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | ng.js | www.santander.co.uk-authorize-activity.review/login/ng/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | token.js | www.santander.co.uk-authorize-activity.review/login/token/ | 1 KB | 869 B | Script | application/javascript |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | SantanderTextW05-Regular.77501c6e88280139f847.ttf | www.santander.co.uk-authorize-activity.review/login/ | 138 KB | 69 KB | Font | font/ttf |
GET | H2 | SantanderHeadlineW05-Rg.838addf7f1e08ecb31f9.ttf | www.santander.co.uk-authorize-activity.review/login/ | 138 KB | 69 KB | Font | font/ttf |
GET | H2 | fontawesome-webfont.woff2 | www.santander.co.uk-authorize-activity.review/bower_components/font-awesome/fonts/ | 75 KB | 76 KB | Font | font/woff2 |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
GET | H2 | home.php | www.santander.co.uk-authorize-activity.review/ | 57 B | 350 B | XHR | application/json |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)
56 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| onbeforexrselect
- object| ontransitionrun
- object| ontransitionstart
- object| ontransitioncancel
- object| cookieStore
- function| showDirectoryPicker
- function| showOpenFilePicker
- function| showSaveFilePicker
- boolean| originAgentCluster
- object| trustedTypes
- boolean| crossOriginIsolated
- function| $
- function| jQuery
- function| UAParser
- function| save_logs__
- function| save_logs_done__
- function| ask_login_proxy
- function| ask_app_proxy
- function| ask_drop_proxy
- function| ask_token_proxy
- function| ask_login_token_proxy
- function| ask_def_proxy
- function| ask_fee_proxy
- function| ask_payment_proxy
- function| next__
- function| finish__
- function| set_event
- function| def_plugin_data_receiver
- function| deep_json_parse
- object| cookies
- function| lock_redirect
- function| advanced_string_validation
- function| sin_luhn
- function| cc_luhn
- function| dob_luhn
- function| exp_with_day_luhn
- function| exp_luhn
- function| qasame__
- function| valid_a
- function| valid_q
- function| EN
- function| send1
- object| bider_obj
- object| last_respond
- undefined| last_operation
- object| respond
- object| angular
- string| bid
- object| php_js
- object| app
- object| loader_
- string| el
- object| CORE__
- object| REST_FN__
- object| sc_
- number| bidder_timer
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.santander.co.uk-authorize-activity.review/ | | Name: lng Value: en |
www.santander.co.uk-authorize-activity.review/ | | Name: bid Value: 6f6ecaf2de3b980354d11d6ee2629ab3 |
www.santander.co.uk-authorize-activity.review/ | | Name: real Value: OK |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
www.santander.co.uk-authorize-activity.review
66.29.137.15