![](/screenshots/0d02865d-4cbc-4398-9ef9-b6c1247b1d17.png)
login-santander.com
Open in
urlscan Pro
91.215.85.14
Malicious Activity!
Public Scan
Effective URL: https://login-santander.com/app/
Submission: On January 11 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by R3 on January 11th 2024. Valid for: 3 months.
This is the only time login-santander.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Santander (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 15 | 91.215.85.14 91.215.85.14 | 200593 (PROSPERO-AS) (PROSPERO-AS) | |
1 | 104.122.37.29 104.122.37.29 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
2 | 45.223.164.57 45.223.164.57 | 19551 (INCAPSULA) (INCAPSULA) | |
16 | 3 |
ASN16625 (AKAMAI-AS, US)
PTR: a104-122-37-29.deploy.static.akamaitechnologies.com
rolb.santanderbank.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
15 |
login-santander.com
2 redirects
login-santander.com |
218 KB |
2 |
santander.com
global.sanbot.sandigital.santander.com — Cisco Umbrella Rank: 498199 |
93 KB |
1 |
santanderbank.com
rolb.santanderbank.com — Cisco Umbrella Rank: 269800 |
|
16 | 3 |
Domain | Requested by | |
---|---|---|
15 | login-santander.com |
2 redirects
login-santander.com
|
2 | global.sanbot.sandigital.santander.com |
login-santander.com
|
1 | rolb.santanderbank.com |
login-santander.com
|
16 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
rolb.santanderbank.com |
www.santanderbank.com |
customerservice.santanderbank.com |
www.santander.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
login-santander.com R3 |
2024-01-11 - 2024-04-10 |
3 months | crt.sh |
www.santanderbank.com Entrust Certification Authority - L1M |
2023-06-09 - 2024-07-07 |
a year | crt.sh |
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4 |
2023-12-23 - 2024-06-20 |
6 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://login-santander.com/app/
Frame ID: 9EFB92A6C4DAAEC4565A0C4A6EC3932A
Requests: 16 HTTP requests in this frame
Screenshot
![](/screenshots/0d02865d-4cbc-4398-9ef9-b6c1247b1d17.png)
Page Title
Santander Online Banking LoginPage URL History Show full URLs
-
https://login-santander.com/
HTTP 302
https://login-santander.com/app HTTP 301
https://login-santander.com/app/ Page URL
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: Go to main content
Search URL Search Domain Scan URL
Title: Business
Search URL Search Domain Scan URL
Title: Corporate
Search URL Search Domain Scan URL
Title: Link Your User ID Forgot Your User ID?
Search URL Search Domain Scan URL
Title: Link Forgot Your Password Forgot Your Password?
Search URL Search Domain Scan URL
Title: Link to Enroll Now Enroll Now
Search URL Search Domain Scan URL
Title: Link Digital Banking Agreement Digital Banking Agreement
Search URL Search Domain Scan URL
Title: (Open in a new tab) search our FAQs. go to FAQs
Search URL Search Domain Scan URL
Title: Online Banking feedback go to Feedback
Search URL Search Domain Scan URL
Title: (Open in new tab)Find an ATM/Branch
Search URL Search Domain Scan URL
Title: (Open in new tab)Customer Service
Search URL Search Domain Scan URL
Title: (Open in new tab)Site Map
Search URL Search Domain Scan URL
Title: (Open in new tab)Accessibility
Search URL Search Domain Scan URL
Title: (Open in new tab)Privacy and Security
Search URL Search Domain Scan URL
Title: (Open in new tab)Investor Relations
Search URL Search Domain Scan URL
Title: (Open in new tab)Media Center
Search URL Search Domain Scan URL
Title: (Open in new tab)Careers
Search URL Search Domain Scan URL
Title: (Open in new tab)About Santander
Search URL Search Domain Scan URL
Title: (Open in new tab)Privacy Policy
Search URL Search Domain Scan URL
Title: (Open in new tab)Terms of Use
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://login-santander.com/
HTTP 302
https://login-santander.com/app HTTP 301
https://login-santander.com/app/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
login-santander.com/app/ Redirect Chain
|
228 KB 30 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles.2b4ba21e3013d4d0cc68.css
login-santander.com/libraries/ |
292 KB 34 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AAFF_SANDI_SYMBOL_CMYK.SVG
login-santander.com/libraries/ |
790 B 441 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
infoIcon.svg
login-santander.com/libraries/ |
660 B 320 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
minimizeIcon.svg
login-santander.com/libraries/ |
871 B 433 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
closeIcon.svg
login-santander.com/libraries/ |
43 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
rolb.santanderbank.com/OnlineBanking/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
FA_SANTANDER_PVR_POS_RGB.6b6950e7c85225731399.svg
login-santander.com/libraries/ |
7 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-login-faqs.444e81bc2593c635b5a8.svg
login-santander.com/libraries/ |
947 B 464 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
icon-login-feedback.3b28365c5184221bebf9.svg
login-santander.com/libraries/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
equal-housing-lender.8917480a90573d942deb.svg
login-santander.com/libraries/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SantanderTextW05-Regular.1072cb3109609b6f65eb.woff2
login-santander.com/libraries/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SantanderHeadlineW05-Rg.86809b022ec12f4a9332.woff2
login-santander.com/libraries/ |
46 KB 46 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
SantanderTextW05-Bold.a48c0132fe41abde8dbf.woff2
login-santander.com/libraries/ |
48 KB 48 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SantanderHeadlineW05-Rg.woff2
global.sanbot.sandigital.santander.com/content/assets/fonts/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SantanderTextW05-Regular.woff2
global.sanbot.sandigital.santander.com/content/assets/fonts/ |
46 KB 46 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Santander (Banking)1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login-santander.com/ | Name: PHPSESSID Value: 2cd257017e0f52908553d39a4bc7f222 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
global.sanbot.sandigital.santander.com
login-santander.com
rolb.santanderbank.com
104.122.37.29
45.223.164.57
91.215.85.14
139d3dbccd39273e5a54ce739881c97defec84da46686636045e6d320ab8b13d
243493557f9376768c43bb06174937c435a3f332c9c6a006306263ec6ac25743
2d495a010c8c1f13b69bdab834640b1896ac0de7dcb8d125b19af50d91071f27
45245d728ae416657a19434010ab049cb89534a946d272b100287c9f95b2dc8e
535c47209ecf005f74929ba3bd50b107a702bead1f165b856e002165a1a56ba8
63d4e44221cbadea57451110791ca86c7ba695f8de73dd0084251916bce838ed
64105e43a16700f1acef6a731ab0967fcd29210674a967b0ddaa57c8291c6fd8
7985c151ce7d5f67907c31678a8f3b71a94fbd71223732c022bc28ef65248078
a1ca8c9c2dc1d88ee09adccbadbf48b3c031787871be7948c694ef0644d697d4
df7abc314cf6e0380973cea5ad3cd7a4536b820d974162c9d94f534f539eef0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ee57215c2569dee84dfa4ec97b152f897f9940403049db71c79a29b951e84d
ec6c6c35a35bb74b562f10541e42adcb73c8bf54fbbd2a2999078bde1a279e29
fa1cb3c1018fd2a175c77b01fceb6bbb6151aca9cb7cc26ec86b0d55c43abe9e